Published: 28/05/2023 Updated: 01/05/2024

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

An issue exists in Qt prior to 5.15.15, 6.x prior to 6.2.9, and 6.3.x up to and including 6.5.x prior to 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qt qt

Debian Bug report logs - #1036702 qtbase-opensource-src-gles: CVE-2023-32763 Package: src:qtbase-opensource-src-gles; Maintainer for src:qtbase-opensource-src-gles is Debian Qt/KDE Maintainers <debian-qt-kde@listsdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Wed, 24 May 2023 13:54:02 UTC Severi ...

In QT, there is an integer overflow in qfixed_ph when rendering SVG image on the minimal plugin (CVE-2023-32763) ...

CWE-120 https://lists.qt-project.org/pipermail/announce/2023-May/000413.html https://codereview.qt-project.org/c/qt/qtbase/+/476125 https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html https://security.gentoo.org/glsa/202402-03 https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036702 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2159.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-32763

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect