Approved changes feed: RSS · Atom

cpe:2.3:a:qt:qt:1.44:*:*:*:*:*:*:*

part: a version: 1.44 update: *

VendorQt (ac351d54-6a3a-5b90-a60b-6ef58ef23803)
ProductQt (fb46f139-0d7d-5cf6-a2f2-b5bc72f4c130)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:deb/debian/qtbase5-dev purl2cpe 2026-06-01 10:16:55.733761
pkg:deb/ubuntu/qtbase5-dev purl2cpe 2026-06-01 10:16:55.733763
pkg:github/qt/qt purl2cpe 2026-06-01 10:16:55.733764
pkg:github/qt/qt5 purl2cpe 2026-06-01 10:16:55.733766
pkg:qt/qt purl2cpe 2026-06-01 10:16:55.733767
pkg:rpm/fedora/qt5-qtbase purl2cpe 2026-06-01 10:16:55.733768
pkg:rpm/opensuse/qt5-qtbase purl2cpe 2026-06-01 10:16:55.733770

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2013-0254 vulnerable 2026-06-08 05:03:46.488705 Details available
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.
Published: 2013-02-06T11:00:00.000Z
Updated: 2024-08-06T14:18:09.656Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-5624 vulnerable 2026-06-08 05:02:57.569988 Details available
The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.
Published: 2013-02-24T19:00:00.000Z
Updated: 2024-09-16T18:45:23.183Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.