CVE-2023-32573

Опубликовано: 10 мая 2023

Источник: debian

EPSS Низкий

Описание

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qt6-svg	fixed	6.4.2-2		package
qtsvg-opensource-src	fixed	5.15.8-3		package
qtsvg-opensource-src	no-dsa		bullseye	package
qtsvg-opensource-src	no-dsa		buster	package
qt4-x11	removed			package

Примечания

https://codereview.qt-project.org/c/qt/qtsvg/+/474093
https://lists.qt-project.org/pipermail/announce/2023-May/000411.html
https://codereview.qt-project.org/c/qt/qtsvg/+/474404
https://download.qt.io/official_releases/qt/5.15/CVE-2023-32573-qtsvg-5.15.diff

EPSS

Процентиль: 20%

0.00063

Низкий

Связанные уязвимости

CVE-2023-32573

CVSS3: 6.5

ubuntu

около 2 лет назад

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

CVE-2023-32573

CVSS3: 6.5

redhat

около 2 лет назад

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

CVE-2023-32573

CVSS3: 6.5

nvd

около 2 лет назад

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

CVE-2023-32573

CVSS3: 6.5

msrc

около 2 лет назад

Описание отсутствует

openSUSE-SU-2023:0111-1

suse-cvrf

около 2 лет назад

Security update for qt6-svg

EPSS

Процентиль: 20%

0.00063

Низкий