CVE-2019-18281
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-18281
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-18281.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-18281
- Downstream
- Related
- Published
- 2019-10-23T15:15:14Z
- Modified
- 2025-10-15T10:36:59.928366Z
- Severity
-
- 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.
- References
-
- https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1848784
- https://codereview.qt-project.org/c/qt/qtbase/+/271889
- https://seclists.org/bugtraq/2019/Nov/4
- https://security.gentoo.org/glsa/202003-60
- https://www.debian.org/security/2019/dsa-4556
- https://bugreports.qt.io/browse/QTBUG-77819
- https://usn.ubuntu.com/4275-1/
Affected packages
Git / github.com/qt/qtbase
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/qt/qtbase/commit/abfb1b8665923ce2824392f3a04e5e4ac3871017",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"42175485319852982382716562530548920112",
"269969189790789914493321821784506182077",
"192896421012310542730988811461340756350",
"81493618896476637973500433905196848195",
"177778031528303863734575949352642260045",
"204261337458403320614169416449406855994",
"282401848054897177864544170876498713116",
"23956863597407661719760492111577731941",
"120874335481434784682992640334932410074"
]
},
"target": {
"file": "qmake/generators/mac/pbuilder_pbx.cpp"
},
"id": "CVE-2019-18281-ce26650f"
},
{
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/qt/qtbase/commit/abfb1b8665923ce2824392f3a04e5e4ac3871017",
"signature_type": "Function",
"digest": {
"function_hash": "55318626890648757947913378382764058604",
"length": 55991.0
},
"target": {
"file": "qmake/generators/mac/pbuilder_pbx.cpp",
"function": "ProjectBuilderMakefileGenerator::writeMakeParts"
},
"id": "CVE-2019-18281-f29a5ae7"
}
]