Lack of data validation - Path Traversal In qtbase-opensource-src
Description
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 debian 11 | 5.12.5+dfsg-8 | ||
debian 12 | 5.12.5+dfsg-8 | ||
debian 13 | 5.12.5+dfsg-8 | ||
debian 14 | 5.12.5+dfsg-8 | ||
debian 11 | 5.14.2+dfsg-3 | ||
debian 12 | 5.14.2+dfsg-3 | ||
debian 13 | 5.14.2+dfsg-3 | ||
debian 14 | 5.14.2+dfsg-3 | ||
 rpm rhel6 | - | - | |
rpm rhel7 | - | - |
1-10 of 11
10
Aliases
1. 2. 3. 4. 5.