CVE-2023-32763

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-32763
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32763.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-32763
Downstream
Related
Published
2023-05-28T23:15:09.620Z
Modified
2026-02-04T21:33:34.943919Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.

References

Affected packages

Git / github.com/qt/qt5

Affected ranges

Type
GIT
Repo
https://github.com/qt/qt5
Events
Introduced
1734139bf4629af593e79d247a18f8e511bf7c5e
Fixed
19b7e91751697cb2514ac7dcdbf166655f0de698
Introduced
78410d7e8b7aafdcbb4feea3a943038c7e0a0b5f
Fixed
322d47d25de3cbafd8d6cd2a62e4ed6efc736a4b
Fixed
e4ca9dfa716e7590d1a3014c65b05ac00781f980

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32763.json"

Git / github.com/qt/qtbase

Affected ranges

Type
GIT
Repo
https://github.com/qt/qtbase
Events
Introduced
9554d315aa74eaba1726405ee09117e2ebc6111f
Fixed
55aee8697512af105dfefabc1e2ec41d4df1e45e
Fixed
ca725ad9c5331a657c328bf624f2b0b713623276
Introduced
fc9cda5f08ac848e88f63dd4a07c08b2fbc6bf17
Fixed
f131837a9fcc83dcfb70a0a91b1baacb6ccf14a2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32763.json"
vanir_signatures 
[
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/qt/qtbase/commit/55aee8697512af105dfefabc1e2ec41d4df1e45e",
        "digest": {
            "line_hashes": [
                "92376634840184399825365318154288351993",
                "232461204609313989120257745717201240216",
                "320708743009817993507337202164167887441",
                "21308290995217884491005044431632010900",
                "298034914405986548572445818450155724325",
                "171355919169060797509597056785544202524",
                "1069687939198931456973687425830032072",
                "3540876834910303010839964264776335282",
                "119893641728366708810635981190240492131",
                "135558535485227323371703831987671565962",
                "218424658944840923178893068857589239342",
                "180130516929332699035191217939835434911",
                "171902681780682419451758795992574159417",
                "194908686061445372061155934280632091709",
                "25828914292029408919762996279289826136",
                "271381063204330631592675759559091485281",
                "188826755362610565145874472998653610620",
                "61181470149620454368846073938918120330",
                "144456116250144122357606448252883560018",
                "210431344564871427713284927923317729215",
                "33720891528493242799779644168988618648",
                "131451878779952217380213242484707842149",
                "163457716009692412014758585930328269677",
                "48972863578760833987644564696874645146"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2023-32763-95a33edc",
        "deprecated": false,
        "target": {
            "file": "src/network/kernel/qdnslookup_unix.cpp"
        }
    },
    {
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/qt/qtbase/commit/55aee8697512af105dfefabc1e2ec41d4df1e45e",
        "digest": {
            "function_hash": "328679296815467547461728943587483981886",
            "length": 7904.0
        },
        "id": "CVE-2023-32763-b3d99a5e",
        "deprecated": false,
        "target": {
            "file": "src/network/kernel/qdnslookup_unix.cpp",
            "function": "QDnsLookupRunnable::query"
        }
    }
]