Debian Qtbase-Opensource-Src vulnerabilities

39 known vulnerabilities affecting debian/qtbase-opensource-src.

Total CVEs: 39
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 11, MEDIUM 14, LOW 13

Vulnerabilities

Page 2 of 2
CVE-2021-38593 | LOW | CVSS 7.5 | 2021
CVE-2021-38593 [HIGH]: qtbase-opensource-src - Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).
Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
CVE-2020-0570 | HIGH | CVSS 7.3 | fixed in qtbase-opensource-src 5.12.5+dfsg-8 (bookworm) | 2020
CVE-2020-0570 [HIGH]: qtbase-opensource-src - Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
Scope: local; bookworm: resolved (fixed in 5.12.5+dfsg-8); bullseye: resolved (fixed in 5.12.5+dfsg-8); forky: resolved (fixed in 5.12.5+dfsg-8); sid: resolved (fixed in 5.12.5+dfsg-8); trix
CVE-2020-24742 | HIGH | CVSS 7.8 | fixed in qtbase-opensource-src 5.12.5+dfsg-8 (bookworm) | 2020
CVE-2020-24742 [HIGH]: qtbase-opensource-src - An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
Scope: local; bookworm: resolved (fixed in 5.12.5+dfsg-8); bullseye: resolved (fixed in 5.12.5+dfsg-8); forky: resolved (fixed in 5.12.5+dfsg-8); sid: resolved (fixed i
CVE-2020-13962 | HIGH | CVSS 7.5 | fixed in qtbase-opensource-src 5.14.2+dfsg-6 (bookworm) | 2020
CVE-2020-13962 [HIGH]: qtbase-opensource-src - Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected, regardless of the Qt versio
CVE-2020-17507 | MEDIUM | CVSS 5.3 | fixed in qtbase-opensource-src 5.14.2+dfsg-6 (bookworm) | 2020
CVE-2020-17507 [MEDIUM]: qtbase-opensource-src - An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
Scope: local; bookworm: resolved (fixed in 5.14.2+dfsg-6); bullseye: resolved (fixed in 5.14.2+dfsg-6); forky: resolved (fixed in 5.14.2+dfsg-6); sid: resolved (fixed in 5.14.2+dfsg-6); trixie: resolved
CVE-2020-0569 | MEDIUM | CVSS 5.7 | fixed in qtbase-opensource-src 5.12.5+dfsg-8 (bookworm) | 2020
CVE-2020-0569 [MEDIUM]: qtbase-opensource-src - Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
Scope: local; bookworm: resolved (fixed in 5.12.5+dfsg-8); bullseye: resolved (fixed in 5.12.5+dfsg-8); forky: resolved (fixed in 5.12.5+dfsg-8); sid: resolved (fixed in 5.12.5+dfsg-8); trixie:
CVE-2020-12267 | LOW | CVSS 9.8 | 2020
CVE-2020-12267 [CRITICAL]: qtbase-opensource-src - setMarkdown in Qt before 5.14.2 has a use-after-free related to QTextMarkdownImporter::insertBlock.
Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
CVE-2019-18281 | MEDIUM | CVSS 4.3 | fixed in qtbase-opensource-src 5.12.5+dfsg-2 (bookworm) | 2019
CVE-2019-18281 [MEDIUM]: qtbase-opensource-src - An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.
Scope: local; bookworm: resolved (fixed in 5.12.5+dfsg-2); bullseye: resolved (fixed in
CVE-2018-15518 | HIGH | CVSS 8.8 | fixed in qtbase-opensource-src 5.11.3+dfsg-2 (bookworm) | 2018
CVE-2018-15518 [HIGH]: qtbase-opensource-src - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
Scope: local; bookworm: resolved (fixed in 5.11.3+dfsg-2); bullseye: resolved (fixed in 5.11.3+dfsg-2); forky: resolved (fixed in 5.11.3+dfsg-2); sid: resolved (fixed in 5.11.3+dfsg-2); trixie: resolved (fixed in 5.11.3+dfsg-2)
CVE-2018-19872 | LOW | CVSS 5.5 | fixed in qtbase-opensource-src 5.11.2+dfsg-3 (bookworm) | 2018
CVE-2018-19872 [MEDIUM]: qtbase-opensource-src - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
Scope: local; bookworm: resolved (fixed in 5.11.2+dfsg-3); bullseye: resolved (fixed in 5.11.2+dfsg-3); forky: resolved (fixed in 5.11.2+dfsg-3); sid: resolved (fixed in 5.11.2+dfsg-3); trixie: resolved (fixed in 5.11.2+dfsg-3)
CVE-2018-19870 | LOW | CVSS 8.8 | fixed in qtbase-opensource-src 5.11.3+dfsg-2 (bookworm) | 2018
CVE-2018-19870 [HIGH]: qtbase-opensource-src - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
Scope: local; bookworm: resolved (fixed in 5.11.3+dfsg-2); bullseye: resolved (fixed in 5.11.3+dfsg-2); forky: resolved (fixed in 5.11.3+dfsg-2); sid: resolved (fixed in 5.11.3+dfsg-2); trixie: resolved (fixe
CVE-2018-19873 | LOW | CVSS 9.8 | fixed in qtbase-opensource-src 5.11.3+dfsg-2 (bookworm) | 2018
CVE-2018-19873 [CRITICAL]: qtbase-opensource-src - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Scope: local; bookworm: resolved (fixed in 5.11.3+dfsg-2); bullseye: resolved (fixed in 5.11.3+dfsg-2); forky: resolved (fixed in 5.11.3+dfsg-2); sid: resolved (fixed in 5.11.3+dfsg-2); trixie: resolved (fixed in 5.11.3+dfsg-2)
CVE-2016-10040 | MEDIUM | CVSS 5.5 | fixed in qtbase-opensource-src 5.2.0+dfsg-7 (bookworm) | 2016
CVE-2016-10040 [MEDIUM]: qtbase-opensource-src - Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.
Scope: local; bookworm: resolved (fixed in 5.2.0+dfsg-7); bullseye: resolved (fixed in 5.2.0+dfsg-7); forky: resolved (fixed in 5.2.0+dfsg-7); sid: resolved (fixed in 5.2.0+dfs
CVE-2015-1860 | MEDIUM | CVSS 6.8 | fixed in qtbase-opensource-src 5.3.2+dfsg-5 (bookworm) | 2015
CVE-2015-1860 [MEDIUM]: qtbase-opensource-src - Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.
Scope: local; bookworm: resolved (fixed in 5.3.2+dfsg-5); bullseye: resolved (fixed in 5.3.2+dfsg-5); forky
CVE-2015-1859 | MEDIUM | CVSS 6.8 | fixed in qtbase-opensource-src 5.3.2+dfsg-5 (bookworm) | 2015
CVE-2015-1859 [MEDIUM]: qtbase-opensource-src - Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
Scope: local; bookworm: resolved (fixed in 5.3.2+dfsg-5); bullseye: resolved (fix
CVE-2015-0295 | MEDIUM | CVSS 5.0 | fixed in qtbase-opensource-src 5.3.2+dfsg-5 (bookworm) | 2015
CVE-2015-0295 [MEDIUM]: qtbase-opensource-src - The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
Scope: local; bookworm: resolved (fixed in 5.3.2+dfsg-5); bullseye: resolved (fixed in 5.3.2+dfsg-5); forky: resolved (fixed in 5
CVE-2015-1858 | MEDIUM | CVSS 6.8 | fixed in qtbase-opensource-src 5.3.2+dfsg-5 (bookworm) | 2015
CVE-2015-1858 [MEDIUM]: qtbase-opensource-src - Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.
Scope: local; bookworm: resolved (fixed in 5.3.2+dfsg-5); bullseye: resolved (fixed in 5.3.2+dfs
CVE-2015-9541 | LOW | CVSS 6.5 | fixed in qtbase-opensource-src 5.12.5+dfsg-9 (bookworm) | 2015
CVE-2015-9541 [MEDIUM]: qtbase-opensource-src - Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.
Scope: local; bookworm: resolved (fixed in 5.12.5+dfsg-9); bullseye: resolved (fixed in 5.12.5+dfsg-9); forky: resolved (fixed in 5.12.5+dfsg-9); sid: resolved (fixed in 5.12.5+dfsg-9); trixie
CVE-2013-4549 | MEDIUM | CVSS 5.0 | fixed in qtbase-opensource-src 5.1.1+dfsg-6 (bookworm) | 2013
CVE-2013-4549 [MEDIUM]: qtbase-opensource-src - QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
Scope: local; bookworm: resolved (fixed in 5.1.1+dfsg-6); bullseye: resolved (fixed in 5.1.1+dfsg-6); forky: resolved (fixed in 5.1.1+dfsg-6); sid: resolved (fixed in 5.1.1+dfsg-6); trixie: resolved