Your submission was sent successfully! Close

CVE-2013-4549

Published: 5 December 2013

QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.

Priority

Medium

Status

Package Release Status
phantomjs
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(code not present)
cosmic Not vulnerable
(code not present)
disco Not vulnerable
(code not present)
lucid Does not exist

precise Does not exist
(precise was not-affected [code not present])
quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty Does not exist

upstream Needed

utopic Ignored
(reached end-of-life)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Not vulnerable
(code not present)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)
qt4-x11
Launchpad, Ubuntu, Debian
artful
Released (4:4.8.4+dfsg-0ubuntu20)
bionic
Released (4:4.8.4+dfsg-0ubuntu20)
cosmic
Released (4:4.8.4+dfsg-0ubuntu20)
disco
Released (4:4.8.4+dfsg-0ubuntu20)
lucid Ignored
(reached end-of-life)
precise Does not exist
(precise was released [4:4.8.1-0ubuntu4.5])
quantal
Released (4:4.8.3+dfsg-0ubuntu3.2)
raring
Released (4:4.8.4+dfsg-0ubuntu9.5)
saucy
Released (4:4.8.4+dfsg-0ubuntu18.1)
trusty
Released (4:4.8.4+dfsg-0ubuntu20)
upstream Needed

utopic
Released (4:4.8.4+dfsg-0ubuntu20)
vivid
Released (4:4.8.4+dfsg-0ubuntu20)
wily
Released (4:4.8.4+dfsg-0ubuntu20)
xenial
Released (4:4.8.4+dfsg-0ubuntu20)
yakkety
Released (4:4.8.4+dfsg-0ubuntu20)
zesty
Released (4:4.8.4+dfsg-0ubuntu20)
qtbase-opensource-src
Launchpad, Ubuntu, Debian
artful
Released (5.0.2+dfsg1-7ubuntu13)
bionic
Released (5.0.2+dfsg1-7ubuntu13)
cosmic
Released (5.0.2+dfsg1-7ubuntu13)
disco
Released (5.0.2+dfsg1-7ubuntu13)
lucid Does not exist

precise Does not exist

quantal Does not exist

raring
Released (5.0.1+dfsg-0ubuntu4.1)
saucy
Released (5.0.2+dfsg1-7ubuntu11.1)
trusty Does not exist
(trusty was released [5.0.2+dfsg1-7ubuntu13])
upstream
Released (5.1.1+dfsg-6)
utopic
Released (5.0.2+dfsg1-7ubuntu13)
vivid
Released (5.0.2+dfsg1-7ubuntu13)
wily
Released (5.0.2+dfsg1-7ubuntu13)
xenial
Released (5.0.2+dfsg1-7ubuntu13)
yakkety
Released (5.0.2+dfsg1-7ubuntu13)
zesty
Released (5.0.2+dfsg1-7ubuntu13)