CVE-2023-37369

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 20, 2023

Updated: May 1, 2024

Summary

CVE-2023-37369 is a vulnerability affecting Qt versions before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. This issue results in an application crash when processing a maliciously crafted XML string. The cause is a prefix becoming larger than its intended length during processing by QXmlStreamReader. This vulnerability could potentially be exploited by attackers to cause applications using the affected Qt versions to crash, leading to denial-of-service or potentially more serious consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Qt
Debian

Affected Vendors

Debian

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r1jS_j
https://www.cve.org/CVERecord?id=CVE-2023-37369
https://nvd.nist.gov/vuln/detail/CVE-2023-37369

Back to Vulnerability Database