Msrc Cm1 Qt5-Qtbase 5.12.11-7 On Cbl Mariner 1.0 vulnerabilities

3 known vulnerabilities affecting msrc/cm1_qt5-qtbase_5.12.11-7_on_cbl_mariner_1.0.

Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 1

Vulnerabilities

CVE-2023-32763 | HIGH | CVSS 7.5 | 2023-05-09
CVE-2023-32763 [HIGH] CWE-120 An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered. FAQ: Is Azure Linux the only Microsoft product that includes this ope
msrc
CVE-2023-32762 | MEDIUM | CVSS 5.3 | 2023-05-09
CVE-2023-32762 [MEDIUM] An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established even when explicitly prohibited by the server. Thi
msrc
CVE-2023-25193 | HIGH | CVSS 7.5 | 2023-02-14
CVE-2023-25193 [HIGH] CWE-770 hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is
msrc