VulnerableCode Package Details - pkg:deb/ubuntu/qtbase-opensource-src@5.11.2%2Bdfsg-7ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/qtbase-opensource-src@5.11.2%2Bdfsg-7ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/qtbase-opensource-src@5.11.2%2Bdfsg-7ubuntu1

Next non-vulnerable version	5.12.8+dfsg-0ubuntu1
Latest non-vulnerable version	5.12.8+dfsg-0ubuntu1
Risk	3.5

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-1qkn-nzf8-aaaf Aliases: CVE-2015-9541	Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.	5.12.5+dfsg-9build1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-4vj1-dm1q-aaan Aliases: CVE-2018-19872	An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.	5.11.3+dfsg-5ubuntu1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-5g5x-8nra-aaac Aliases: CVE-2016-10040	Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.	5.11.3+dfsg-2ubuntu1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-74ct-7v5h-aaae Aliases: CVE-2019-18281	An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.	5.12.4+dfsg-4ubuntu1.1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-9m91-css2-aaad Aliases: CVE-2020-24742	An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.	5.12.8+dfsg-0ubuntu1 Affected by 0 other vulnerabilities.
VCID-rpsv-xny3-aaap Aliases: CVE-2020-0569	Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.	5.12.4+dfsg-4ubuntu1.1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-txpf-1k3n-aaaf Aliases: CVE-2020-0570	Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.	5.12.4+dfsg-4ubuntu1.1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version