Search for packages
| purl | pkg:deb/ubuntu/qtbase-opensource-src@5.9.5%2Bdfsg-0ubuntu2.6 |
| Next non-vulnerable version | 5.12.8+dfsg-0ubuntu1 |
| Latest non-vulnerable version | 5.12.8+dfsg-0ubuntu1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1qkn-nzf8-aaaf
Aliases: CVE-2015-9541 |
Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564. |
Affected by 1 other vulnerability. |
|
VCID-5g5x-8nra-aaac
Aliases: CVE-2016-10040 |
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags. |
Affected by 6 other vulnerabilities. |
|
VCID-9m91-css2-aaad
Aliases: CVE-2020-24742 |
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-efyy-g8eg-aaaa | An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. |
CVE-2020-17507
|
| VCID-fshm-aucd-aaap | Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). |
CVE-2021-38593
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|