Approved changes feed: RSS · Atom
cpe:2.3:a:qt:qt:4.5.3:*:*:*:*:*:*:*
part: a version: 4.5.3 update: *
| Vendor | Qt (ac351d54-6a3a-5b90-a60b-6ef58ef23803) |
|---|---|
| Product | Qt (fb46f139-0d7d-5cf6-a2f2-b5bc72f4c130) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/qtbase5-dev |
purl2cpe | 2026-06-01 10:16:55.734711 |
pkg:deb/ubuntu/qtbase5-dev |
purl2cpe | 2026-06-01 10:16:55.734712 |
pkg:github/qt/qt |
purl2cpe | 2026-06-01 10:16:55.734714 |
pkg:github/qt/qt5 |
purl2cpe | 2026-06-01 10:16:55.734715 |
pkg:qt/qt |
purl2cpe | 2026-06-01 10:16:55.734716 |
pkg:rpm/fedora/qt5-qtbase |
purl2cpe | 2026-06-01 10:16:55.734718 |
pkg:rpm/opensuse/qt5-qtbase |
purl2cpe | 2026-06-01 10:16:55.734719 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2013-0254 |
vulnerable | 2026-06-08 05:03:46.508333 |
Details available
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.
Published: 2013-02-06T11:00:00.000Z
Updated: 2024-08-06T14:18:09.656Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-5624 |
vulnerable | 2026-06-08 05:02:57.590025 |
Details available
The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.
Published: 2013-02-24T19:00:00.000Z
Updated: 2024-09-16T18:45:23.183Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-5076 |
vulnerable | 2026-06-08 04:56:32.088846 |
Details available
QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Published: 2012-06-29T19:00:00.000Z
Updated: 2024-08-07T04:09:38.930Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-2621 |
vulnerable | 2026-06-08 04:55:09.091674 |
Details available
The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.
Published: 2010-07-02T20:00:00.000Z
Updated: 2024-08-07T02:39:37.809Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-2700 |
vulnerable | 2026-06-08 04:51:30.122481 |
Details available
src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Published: 2009-09-02T17:00:00.000Z
Updated: 2024-08-07T05:59:56.946Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.