VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-zdxx-gvsz-9fca

Vulnerability ID	VCID-zdxx-gvsz-9fca
Aliases	CVE-2023-5997
Summary	Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution.
Status	Published
Exploitability	0.5
Weighted Severity	0.0
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
epss	0.00403	https://api.first.org/data/v1/epss?cve=CVE-2023-5997
epss	0.00403	https://api.first.org/data/v1/epss?cve=CVE-2023-5997
epss	0.00403	https://api.first.org/data/v1/epss?cve=CVE-2023-5997
epss	0.00403	https://api.first.org/data/v1/epss?cve=CVE-2023-5997
epss	0.00403	https://api.first.org/data/v1/epss?cve=CVE-2023-5997
epss	0.00403	https://api.first.org/data/v1/epss?cve=CVE-2023-5997
epss	0.00403	https://api.first.org/data/v1/epss?cve=CVE-2023-5997
epss	0.00403	https://api.first.org/data/v1/epss?cve=CVE-2023-5997
ssvc	Track	https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html
ssvc	Track	https://crbug.com/1497997
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JHUI5HW7QXT3U74MJMTLUMF5REDO5HD5/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MN3JQGEC4EFQP3WTI33YBD3CLC3I7P4X/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWHRLW3GDNFBFSBHDD4QOPUPX7ORTUEC/
ssvc	Track	https://security.gentoo.org/glsa/202311-11
ssvc	Track	https://security.gentoo.org/glsa/202312-07
ssvc	Track	https://security.gentoo.org/glsa/202401-34
ssvc	Track	https://www.debian.org/security/2023/dsa-5556

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2023-5997
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5997
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6112
1497997		https://crbug.com/1497997
dsa-5556		https://www.debian.org/security/2023/dsa-5556
GLSA-202311-11		https://security.gentoo.org/glsa/202311-11
GLSA-202312-07		https://security.gentoo.org/glsa/202312-07
GLSA-202402-14		https://security.gentoo.org/glsa/202402-14
JHUI5HW7QXT3U74MJMTLUMF5REDO5HD5		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JHUI5HW7QXT3U74MJMTLUMF5REDO5HD5/
MN3JQGEC4EFQP3WTI33YBD3CLC3I7P4X		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MN3JQGEC4EFQP3WTI33YBD3CLC3I7P4X/
stable-channel-update-for-desktop_14.html		https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html
XWHRLW3GDNFBFSBHDD4QOPUPX7ORTUEC		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWHRLW3GDNFBFSBHDD4QOPUPX7ORTUEC/

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T05:00:14Z/ Found at https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T05:00:14Z/ Found at https://crbug.com/1497997

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T05:00:14Z/ Found at https://security.gentoo.org/glsa/202311-11

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T05:00:14Z/ Found at https://security.gentoo.org/glsa/202312-07

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T05:00:14Z/ Found at https://security.gentoo.org/glsa/202401-34

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T05:00:14Z/ Found at https://www.debian.org/security/2023/dsa-5556

Exploit Prediction Scoring System (EPSS)

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:58:39.935831+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/202402-14	38.0.0