Search for packages
| purl | pkg:deb/ubuntu/qtbase-opensource-src@5.12.2%2Bdfsg-4ubuntu1 |
| Next non-vulnerable version | 5.12.8+dfsg-0ubuntu1 |
| Latest non-vulnerable version | 5.12.8+dfsg-0ubuntu1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1qkn-nzf8-aaaf
Aliases: CVE-2015-9541 |
Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564. |
Affected by 1 other vulnerability. |
|
VCID-74ct-7v5h-aaae
Aliases: CVE-2019-18281 |
An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters. |
Affected by 2 other vulnerabilities. |
|
VCID-9m91-css2-aaad
Aliases: CVE-2020-24742 |
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. |
Affected by 0 other vulnerabilities. |
|
VCID-rpsv-xny3-aaap
Aliases: CVE-2020-0569 |
Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. |
Affected by 2 other vulnerabilities. |
|
VCID-txpf-1k3n-aaaf
Aliases: CVE-2020-0570 |
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|