Approved changes feed: RSS · Atom

cpe:2.3:a:qt:qtbase:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorQt (ac351d54-6a3a-5b90-a60b-6ef58ef23803)
ProductQtbase (5ad49240-3ed9-56e4-8d68-9c9c90fba9dc)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/qtbase5-dev purl2cpe 2026-06-01 10:16:55.987405
pkg:deb/ubuntu/qtbase5-dev purl2cpe 2026-06-01 10:16:55.987409
pkg:github/qt/qtbase purl2cpe 2026-06-01 10:16:55.987412
pkg:qt/qt purl2cpe 2026-06-01 10:16:55.987414
pkg:rpm/fedora/qt5-qtbase purl2cpe 2026-06-01 10:16:55.987417
pkg:rpm/opensuse/qt5-qtbase purl2cpe 2026-06-01 10:16:55.987420

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-32762 vulnerable 2026-06-08 06:04:47.194597 Details available
An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
Published: 2023-05-28T00:00:00.000Z
Updated: 2024-08-19T16:42:12.680Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-18281 vulnerable 2026-06-08 05:13:11.350879 Details available
An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.
Published: 2019-10-23T14:03:53.000Z
Updated: 2024-08-05T01:47:14.143Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.