CVE-2023-37369

Published: Aug 20, 2023

Modified: Aug 2, 2024

PUBLISHED

Description

In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugreports.qt.io/browse/QTBUG-114829

https://codereview.qt-project.org/c/qt/qtbase/+/455027

[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update

mailing-list

FEDORA-2023-0e68827d36

vendor-advisory

FEDORA-2023-fd45b50121

vendor-advisory

[debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-37369

Description

Affected Products

References