CVE-2023-45872

{"id": "CVE-2023-45872", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-10-09T06:15:13.323", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246067", "source": "cve@mitre.org"}, {"url": "https://qt.io", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "An issue was discovered in Qt before 6.2.11 and 6.3.x through 6.6.x before 6.6.1. When a QML image refers to an image whose content is not known yet, there is an assumption that it is an SVG document, leading to a denial of service (application crash) if it is not actually an SVG document."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Qt anterior a la versi\u00f3n 6.2.11 y en las versiones 6.3.x a 6.6.x anteriores a la versi\u00f3n 6.6.1. Cuando una imagen QML hace referencia a una imagen cuyo contenido a\u00fan no se conoce, se supone que se trata de un documento SVG, lo que genera una denegaci\u00f3n de servicio (falla de la aplicaci\u00f3n) si en realidad no es un documento SVG."}], "lastModified": "2024-11-12T21:35:13.113", "sourceIdentifier": "cve@mitre.org"}