CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39936 – qtbase: qtbase: Delay any communication until encrypted() can be responded to
https://notcve.org/view.php?id=CVE-2024-39936
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed.. Se descubrió un problema en HTTP2 en Qt antes de 5.15.18, 6.x antes de 6.2.13, 6.3.x hasta 6.5.x antes de 6.5.7 y 6.6.x hasta 6.7.x antes de 6.7.3. El código para tomar decisiones relevantes para la seguridad sobre una conexión establecida puede ejecutarse demasiado pronto, porque la señal encrypted() aún no se ha emitido ni procesado. A vulnerability was found in Qt where, during a TLS connection for servers supporting HTTP2, Qt may send data to a server even if the TLS certificate doesn't match the redirected address. • https://codereview.qt-project.org/c/qt/qtbase/+/571601 https://access.redhat.com/security/cve/CVE-2024-39936 https://bugzilla.redhat.com/show_bug.cgi?id=2295867 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-51714 – qt: incorrect integer overflow check
https://notcve.org/view.php?id=CVE-2023-51714
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. Se descubrió un problema en la implementación de HTTP2 en Qt antes de 5.15.17, 6.x antes de 6.2.11, 6.3.x hasta 6.5.x antes de 6.5.4 y 6.6.x antes de 6.6.2. network/access/http2/hpacktable.cpp tiene una comprobación de desbordamiento de enteros HPack incorrecta. An integer overflow vulnerability was found in Qt. An incorrect HPack integer overflow check can lead to denial of service. • https://codereview.qt-project.org/c/qt/qtbase/+/524864 https://codereview.qt-project.org/c/qt/qtbase/+/524865/3 https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://access.redhat.com/security/cve/CVE-2023-51714 https://bugzilla.redhat.com/show_bug.cgi?id=2255856 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-43114
https://notcve.org/view.php?id=CVE-2023-43114
An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks. Se descubrió un problema en Qt antes de 5.15.16, 6.x antes de 6.2.10 y 6.3.x a 6.5.x antes de 6.5.3 en Windows. Cuando se utiliza el motor de fuentes GDI, si se carga una fuente dañada a través de QFontDatabase::addApplicationFont{FromData], puede hacer que la aplicación se bloquee debido a la falta de comprobaciones de longitud. • https://codereview.qt-project.org/c/qt/qtbase/+/503026 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2023-37369 – qtbase: buffer overflow in QXmlStreamReader
https://notcve.org/view.php?id=CVE-2023-37369
In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. A flaw was found in the qtbase package. When given specifically crafted data, the QXmlStreamReader can end up causing a buffer overflow and, subsequently, a crash. • https://bugreports.qt.io/browse/QTBUG-114829 https://codereview.qt-project.org/c/qt/qtbase/+/455027 https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3JR3N3IF5MUSETGYE46OZFOGGPY3VZT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZK7EDD4ILPPSQAYO54FANUC4NFYLTHU https://access.redhat.com/secu • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38197 – qtbase: infinite loops in QXmlStreamReader
https://notcve.org/view.php?id=CVE-2023-38197
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. A vulnerability was found in Qtbase, where it is vulnerable to a denial of service caused by an infinite loop flaw in the QXmlStreamReader() function. This flaw occurs because the QXmlStreamReader function accepts multiple DOCTYPE elements containing DTD fragments in the XML prolog and the XML body. Well-formed but invalid XML files - with multiple DTD fragments in prolog and body, combined with recursive entity expansions, causes infinite loops in QXmlStreamReader. • https://codereview.qt-project.org/c/qt/qtbase/+/488960 https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F5C3NYVJ73ITE6HUOVVHBUAGORVEJRHO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEGQ6DFTL2BEJMHCD5FJGI6XLWQI7UEA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org& • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •