Published: 26/12/2018 Updated: 28/09/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

QXmlStream in Qt 5.x prior to 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qt qt
debian debian linux 8.0
opensuse leap 42.3
debian debian linux 9.0

Debian Bug report logs - #923003 CVE-2018-19873 CVE-2018-19871 CVE-2018-19870 Package: src:qt4-x11; Maintainer for src:qt4-x11 is Debian Qt/KDE Maintainers <debian-qt-kde@listsdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Fri, 22 Feb 2019 22:15:01 UTC Severity: grave Tags: security, upstream F ...

Several security issues were fixed in Qt ...

Synopsis Moderate: qt5 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...

Synopsis Moderate: qt5-qtbase security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for qt5-qtbase is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CV ...

Synopsis Moderate: qt security update Type/Severity Security Advisory: Moderate Topic An update for qt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives ...

An issue was discovered in Qt before 5113 A malformed SVG image causes a segmentation fault in qsvghandlercpp (CVE-2018-19869) An issue was discovered in Qt before 5113 A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault (CVE-2018-19870) An issue was discovered in Qt 511 A malformed PP ...

An issue was discovered in Qt before 5113 A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault(CVE-2018-19870) QXmlStream in Qt 5x before 5113 has a double-free or corruption during parsing of a specially crafted illegal XML document (CVE-2018-15518) An issue was discovered in Qt before 5 ...

CWE-415 https://codereview.qt-project.org/#/c/236691/https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00066.html https://lists.debian.org/debian-lts-announce/2019/01/msg00004.html https://www.debian.org/security/2019/dsa-4374 https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html https://usn.ubuntu.com/4003-1/https://access.redhat.com/errata/RHSA-2019:2135 https://access.redhat.com/errata/RHSA-2019:3390 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923003 https://usn.ubuntu.com/4003-1/https://nvd.nist.gov

CVE-2018-15518

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect