VDB
DEBIAN-CVE-2023-38197
DEBIAN-CVE-2023-38197
PUBLISHED
CVSS 7.5 HIGH
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | qtbase-opensource-src-gles | *, 5.15.15+dfsg-1, 5.15.15+dfsg-2 |
| Debian:11 | qtbase-opensource-src | 0, 5.15.2+dfsg, 0 |
| Debian:13 | qtbase-opensource-src-gles | 0, 0, 0 |
| Debian:14 | qtbase-opensource-src-gles | 0, 0, 0 |
| Debian:12 | qt6-base | 6.6.2+dfsg-1, 6.4.2+dfsg-16, 6.4.2+dfsg-17 |
| Debian:13 | qtbase-opensource-src | 0, 0, 0 |
| Debian:12 | qtbase-opensource-src-gles | 5.15.9+dfsg-1, 5.15.10+dfsg-1, 5.15.10+dfsg-2 |
| Debian:14 | qtbase-opensource-src | 0, 0, 0 |
| Debian:12 | qtbase-opensource-src | 0, 5.15.8+dfsg-11, 0 |
| Debian:14 | qt6-base | 0, 0, 0 |
| Debian:13 | qt6-base | 0, 0, 0 |
Timeline
- Jul 13, 2023 CVE Published
- Apr 28, 2026 CVE Updated