First published: Sun May 28 2023(Updated: )
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Qt Qt | >=6.3.0<6.5.1 | |
Qt Qt | >=6.0.0<6.2.9 | |
Qt Qt | <5.15.15 | |
F5 BIG-IP | >=17.1.0<=17.1.1 | |
F5 BIG-IP | >=16.1.0<=16.1.5 | |
F5 BIG-IP | >=15.1.0<=15.1.10 | |
F5 APM Clients | >=7.2.4.6<=7.2.4.7 | 7.2.4.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-32763 is a vulnerability found in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, which can trigger a QTextLayout buffer overflow when rendering an SVG file with an image inside it.
CVE-2023-32763 has a severity value of 7, indicating a high severity.
CVE-2023-32763 affects Qt versions before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1.
CVE-2023-32763 has the CWE (Common Weakness Enumeration) categories of 119 and 120.
Yes, you can find more information about CVE-2023-32763 at the following references: [references](https://lists.qt-project.org/pipermail/announce/2023-May/000413.html), [references](https://codereview.qt-project.org/c/qt/qtbase/+/476125), [references](https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html).