Published: 12/08/2020 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

An issue exists in Qt up to and including 5.12.9, and 5.13.x up to and including 5.15.x prior to 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qt qt
debian debian linux 9.0
fedoraproject fedora 31
fedoraproject fedora 32

Synopsis Moderate: qt and qt5-qtbase security update Type/Severity Security Advisory: Moderate Topic An update for qt and qt5-qtbase is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ( ...

Debian Bug report logs - #968444 qtbase-opensource-src: CVE-2020-17507 Package: src:qtbase-opensource-src; Maintainer for src:qtbase-opensource-src is Debian Qt/KDE Maintainers <debian-qt-kde@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 15 Aug 2020 12:54:01 UTC Severity: importa ...

An issue was discovered in Qt through 5129, and 513x through 515x before 5151 read_xbm_body in gui/image/qxbmhandlercpp has a buffer over-read (CVE-2020-17507) ...

CWE-125 https://codereview.qt-project.org/c/qt/qtbase/+/308495 https://codereview.qt-project.org/c/qt/qtbase/+/308496 https://codereview.qt-project.org/c/qt/qtbase/+/308436 https://security.gentoo.org/glsa/202009-04 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html https://lists.debian.org/debian-lts-announce/2020/09/msg00024.html https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00104.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00105.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/426FCC6JNK4JUEX5QHJQDYQ6MUVQ3E6P/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBPZVZNEYXGATTXM4WOE7OQ55VAKPVD6/https://access.redhat.com/errata/RHSA-2020:5021 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2020-1574.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-17507

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect