ALT-PU-2020-2788-1
Closed vulnerabilities
Published: 2020-08-15
BDU:2021-03630
Уязвимость функции read_xbm_body кроссплатформенной IDE Qt, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.3)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References:
Published: 2020-08-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-17507
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
Severity: MEDIUM (5.3)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References:
- openSUSE-SU-2020:1452
- openSUSE-SU-2020:1452
- openSUSE-SU-2020:1500
- openSUSE-SU-2020:1500
- openSUSE-SU-2020:1501
- openSUSE-SU-2020:1501
- openSUSE-SU-2020:1530
- openSUSE-SU-2020:1530
- openSUSE-SU-2020:1564
- openSUSE-SU-2020:1564
- openSUSE-SU-2020:1568
- openSUSE-SU-2020:1568
- https://codereview.qt-project.org/c/qt/qtbase/+/308436
- https://codereview.qt-project.org/c/qt/qtbase/+/308436
- https://codereview.qt-project.org/c/qt/qtbase/+/308495
- https://codereview.qt-project.org/c/qt/qtbase/+/308495
- https://codereview.qt-project.org/c/qt/qtbase/+/308496
- https://codereview.qt-project.org/c/qt/qtbase/+/308496
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2376-1] qtbase-opensource-src security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2376-1] qtbase-opensource-src security update
- FEDORA-2020-b8091188d0
- FEDORA-2020-b8091188d0
- FEDORA-2020-8dd86f1b3f
- FEDORA-2020-8dd86f1b3f
- GLSA-202009-04
- GLSA-202009-04