Msrc Cbl2 Qt5-Qtbase 5.12.11-9 On Cbl Mariner 2.0 vulnerabilities

3 known vulnerabilities affecting msrc/cbl2_qt5-qtbase_5.12.11-9_on_cbl_mariner_2.0.

Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 1

Vulnerabilities

CVE-2023-37369 | HIGH | CVSS 7.5 | 2023-08-08
CVE-2023-37369 [HIGH] In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. FAQ: Is Azure Linux the only Microsoft product that
msrc
CVE-2023-38197 | HIGH | CVSS 7.5 | 2023-07-11
CVE-2023-38197 [HIGH] CWE-835 An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of t
msrc
CVE-2023-33285 | MEDIUM | CVSS 5.3 | 2023-05-09
CVE-2023-33285 [MEDIUM] CWE-125 An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentiall
msrc