Search for vulnerabilities
Vulnerability details: VCID-n8nu-upa4-rfb2
Vulnerability ID VCID-n8nu-upa4-rfb2
Aliases CVE-2023-32573
Summary In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-369 Divide By Zero
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32573.json
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2023-32573
cvssv3.1 6.5 https://codereview.qt-project.org/c/qt/qtsvg/+/474093
ssvc Track https://codereview.qt-project.org/c/qt/qtsvg/+/474093
cvssv3.1 4.4 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.5 https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html
ssvc Track https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-32573
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32573.json
https://api.first.org/data/v1/epss?cve=CVE-2023-32573
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32573
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2208135 https://bugzilla.redhat.com/show_bug.cgi?id=2208135
474093 https://codereview.qt-project.org/c/qt/qtsvg/+/474093
cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
CVE-2023-32573 https://nvd.nist.gov/vuln/detail/CVE-2023-32573
msg00028.html https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html
RHSA-2023:6369 https://access.redhat.com/errata/RHSA-2023:6369
RHSA-2023:6961 https://access.redhat.com/errata/RHSA-2023:6961
UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32573.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://codereview.qt-project.org/c/qt/qtsvg/+/474093
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:49:26Z/ Found at https://codereview.qt-project.org/c/qt/qtsvg/+/474093
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:49:26Z/ Found at https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:49:26Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-32573
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.20019
EPSS Score 0.00063
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:48:03.728038+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.19/community.json 37.0.0