CVE-2015-0295
published 2015-03-25

Priority: P4 / 26 / medium
CVSS 2.0: 5 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
EPSS: 6.36% (92.8th percentile)
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.

Affected

6 ranges

Vendor | Product | Version range | Fixed in
debian | qtbase-opensource-src | < qtbase-opensource-src 5.3.2+dfsg-5 (bookworm) | qtbase-opensource-src 5.3.2+dfsg-5 (bookworm)
digia | qt | <= 5.4.1 |
fedoraproject | fedora | |
fedoraproject | fedora | |
fedoraproject | fedora | |
opensuse | opensuse | |

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P
osv | | 5.0 | MEDIUM |
vendor_debian | | 5.0 | MEDIUM |
vendor_redhat | | 5.0 | MEDIUM |
vendor_ubuntu | | 4.3 | MEDIUM |