Fluid Attacks Database

Description

An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	qtbase-opensource-src	>=0 <5.11.3+dfsg-2	5.11.3+dfsg-2
debian 14	qtbase-opensource-src	>=0 <5.11.3+dfsg-2	5.11.3+dfsg-2
debian 13	qtbase-opensource-src	>=0 <5.11.3+dfsg-2	5.11.3+dfsg-2
debian 12	qtbase-opensource-src	>=0 <5.11.3+dfsg-2	5.11.3+dfsg-2
rpm rhel7	qt5-qtdeclarative	<0:5.9.7-1.el7	0:5.9.7-1.el7
rpm rhel7	qt5-qtgraphicaleffects	<0:5.9.7-1.el7	0:5.9.7-1.el7
rpm rhel7	qt5-qtmultimedia	<0:5.9.7-1.el7	0:5.9.7-1.el7
rpm rhel7	qt5-qttools	<0:5.9.7-1.el7	0:5.9.7-1.el7
rpm rhel7	qt5-qtquickcontrols	<0:5.9.7-1.el7	0:5.9.7-1.el7
rpm rhel7	qt5-qtserialport	<0:5.9.7-1.el7	0:5.9.7-1.el7

1-10 of 31

Aliases

1. CVE-2018-198702. NVD-2018-198703. OSV-DEBIAN-2018-198704. OSV-2018-198705. SECURITY-TRACKER-CVE-2018-19870

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.