AI Score
Confidence
Low
EPSS
Percentile
54.5%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
[
{
"cpes": [
"cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*"
],
"vendor": "qt",
"product": "qt",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "5.15.5",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:qt:qt:6.3.0:-:*:*:*:*:*:*"
],
"vendor": "qt",
"product": "qt",
"versions": [
{
"status": "affected",
"version": "6.3.0",
"lessThan": "6.5.3",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*"
],
"vendor": "fedoraproject",
"product": "fedora",
"versions": [
{
"status": "affected",
"version": "38"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*"
],
"vendor": "fedoraproject",
"product": "fedora",
"versions": [
{
"status": "affected",
"version": "37"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:qt:qt:6.0.0:*:*:*:*:*:*:*"
],
"vendor": "qt",
"product": "qt",
"versions": [
{
"status": "affected",
"version": "6.0.0",
"lessThan": "6.2.10",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
codereview.qt-project.org/c/qt/qtbase/+/488960
lists.debian.org/debian-lts-announce/2023/08/msg00028.html
lists.debian.org/debian-lts-announce/2024/04/msg00027.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F5C3NYVJ73ITE6HUOVVHBUAGORVEJRHO/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEGQ6DFTL2BEJMHCD5FJGI6XLWQI7UEA/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFZORZYCMUZZFIOEZICJ7VH2BZIGY3HV/