
CVSS: 7.5 | EPSS: 0% | CPEs: 3 | EXPL: 0

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. A vulnerability was found in Qtbase, where it is vulnerable to a denial of service caused by an infinite loop flaw in the QXmlStreamReader() function. This flaw occurs because the QXmlStreamReader function accepts multiple DOCTYPE elements containing DTD fragments in both the XML prolog and the XML body. Well-formed but invalid XML files with multiple DTD fragments in the prolog and body, combined with recursive entity expansions, cause infinite loops in QXmlStreamReader.
• https://codereview.qt-project.org/c/qt/qtbase/+/488960 https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F5C3NYVJ73ITE6HUOVVHBUAGORVEJRHO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEGQ6DFTL2BEJMHCD5FJGI6XLWQI7UEA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org&
• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVSS: 5.3 | EPSS: 0% | CPEs: 3 | EXPL: 0

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
• https://codereview.qt-project.org/c/qt/qtbase/+/477560 https://codereview.qt-project.org/c/qt/qtbase/+/480002 https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX https://access.redhat.com/security/cve/CVE-2023-34410 https://bugzilla.redhat.com/show_bug.cgi?id=2212747
• CWE-295: Improper Certificate Validation

CVSS: 5.3 | EPSS: 0% | CPEs: 3 | EXPL: 0

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the Strict-Transport-Security (HSTS) header, allowing unencrypted connections to be established even when the server explicitly prohibits them. This happens when the letter case of the header name does not exactly match the expected form.
• https://codereview.qt-project.org/c/qt/qtbase/+/476140 https://github.com/qt/qtbase/commit/1b736a815be0222f4b24289cf17575fc15707305 https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://lists.qt-project.org/pipermail/announce/2023-May/000414.html

CVSS: 7.5 | EPSS: 0% | CPEs: 3 | EXPL: 0

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When an SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
• https://codereview.qt-project.org/c/qt/qtbase/+/476125 https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://lists.qt-project.org/pipermail/announce/2023-May/000413.html https://security.gentoo.org/glsa/202402-03
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 5.3 | EPSS: 0% | CPEs: 3 | EXPL: 0

An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server. A vulnerability was discovered in Qt. This security flaw occurs in the QDnsLookup function, which has a buffer over-read via a crafted reply from a DNS server.
• https://codereview.qt-project.org/c/qt/qtbase/+/477644 https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://access.redhat.com/security/cve/CVE-2023-33285 https://bugzilla.redhat.com/show_bug.cgi?id=2209488
• CWE-125: Out-of-bounds Read; CWE-400: Uncontrolled Resource Consumption