CVE-2018-15518

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-15518

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-15518.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-15518

Downstream

DEBIAN-CVE-2018-15518

DLA-1627-1

DLA-1786-1

DLA-2377-1

DSA-4374-1

RHSA-2019:2135

RHSA-2019:3390

RHSA-2020:1172

SUSE-SU-2018:4179-1

SUSE-SU-2018:4183-1

SUSE-SU-2018:4210-1

SUSE-SU-2018:4210-2

SUSE-SU-2018:4294-1

SUSE-SU-2019:0447-1

SUSE-SU-2020:1021-1

UBUNTU-CVE-2018-15518

USN-4003-1

openSUSE-SU-2019:0265-1

openSUSE-SU-2020:1452-1

openSUSE-SU-2020:1500-1

openSUSE-SU-2020:1501-1

openSUSE-SU-2020:1530-1

Related

Published

2018-12-26T21:29:00.823Z

Modified

2026-03-14T22:27:46.451894Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.

References

Affected packages

Git / github.com/qt/qtbase

Affected ranges

Type

GIT

Repo

https://github.com/qt/qtbase

Events

Introduced

fae33bfbe35f8d082b420ee09662ff60634cb355

Fixed

08de243eaa007597c2bfbc97d3d14e2f821ac4be

Database specific

{
    "versions": [
        {
            "introduced": "5.5.0"
        },
        {
            "fixed": "5.11.3"
        }
    ]
}

Affected versions

v5.*

v5.10.0

v5.10.0-alpha1

v5.10.0-beta1

v5.10.0-beta2

v5.10.0-beta3

v5.10.0-beta4

v5.10.0-rc1

v5.10.0-rc2

v5.10.0-rc3

v5.10.1

v5.11.0

v5.11.0-alpha1

v5.11.0-beta1

v5.11.0-beta2

v5.11.0-beta3

v5.11.0-beta4

v5.11.0-rc1

v5.11.0-rc2

v5.11.1

v5.11.2

v5.5.0

v5.5.1

v5.6.0

v5.6.0-alpha1

v5.6.0-beta1

v5.6.0-rc1

v5.6.1

v5.6.1-1

v5.6.2

v5.7.0

v5.7.0-alpha1

v5.7.0-beta1

v5.7.0-rc1

v5.7.1

v5.8.0

v5.8.0-alpha1

v5.8.0-beta1

v5.8.0-rc1

v5.9.0

v5.9.0-alpha1

v5.9.0-beta1

v5.9.0-beta2

v5.9.0-beta3

v5.9.0-beta4

v5.9.0-rc1

v5.9.0-rc2

v5.9.1

v5.9.2

v5.9.3

v5.9.4

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "42.3"
            }
        ]
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-15518.json"