CVE-2018-15518

HIGH8.8EPSS 2.3%

qtbase-opensource-src - security update

發布日:2018/12/26修改日:2026/4/28

也稱為:DEBIAN-CVE-2018-15518

描述

QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.

受影響套件(5)

Debian/qt4-x11from 0, < 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2
Debian/qt4-x11from 0, < 4:4.8.7+dfsg-11+deb9u1
Debian/qtbase-opensource-srcfrom 0, < 5.11.3+dfsg-2
Debian/qtbase-opensource-srcfrom 0, < 5.3.2+dfsg-4+deb8u3
Debian/qtbase-opensource-srcfrom 0, < 5.7.1+dfsg-3+deb9u1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH8.8	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2018-15518