Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-11477 (GCVE-0-2024-11477)
Vulnerability from cvelistv5
Published
2024-11-22 20:22
Modified
2025-02-15 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:7-zip:7zip:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "7zip",
"vendor": "7-zip",
"versions": [
{
"lessThan": "24.07",
"status": "affected",
"version": "24.06",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11477",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-30T04:55:53.034971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T14:09:05.550Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-02-15T00:10:31.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250214-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "7-Zip",
"vendor": "7-Zip",
"versions": [
{
"status": "affected",
"version": "24.06"
}
]
}
],
"dateAssigned": "2024-11-19T22:30:03.091Z",
"datePublic": "2024-11-20T20:07:56.456Z",
"descriptions": [
{
"lang": "en",
"value": "7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:22:33.278Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1532",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1532/"
}
],
"source": {
"lang": "en",
"value": "Nicholas Zubrisky (@NZubrisky) of Trend Micro Security Research"
},
"title": "7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-11477",
"datePublished": "2024-11-22T20:22:33.278Z",
"dateReserved": "2024-11-19T22:30:03.057Z",
"dateUpdated": "2025-02-15T00:10:31.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-11477\",\"sourceIdentifier\":\"zdi-disclosures@trendmicro.com\",\"published\":\"2024-11-22T21:15:08.613\",\"lastModified\":\"2025-02-15T01:15:10.080\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\\n\\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de enteros en la descompresi\u00f3n Zstandard de 7-Zip. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de 7-Zip. Se requiere la interacci\u00f3n con esta librer\u00eda para explotar esta vulnerabilidad, pero los vectores de ataque pueden variar seg\u00fan la implementaci\u00f3n. La falla espec\u00edfica existe dentro de la implementaci\u00f3n de la descompresi\u00f3n Zstandard. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar un desbordamiento de enteros antes de escribir en la memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24346.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-191\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"24.07\",\"matchCriteriaId\":\"01AEC7B4-8443-4267-A0E3-3C41EDFFBB38\"}]}]}],\"references\":[{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-24-1532/\",\"source\":\"zdi-disclosures@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20250214-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20250214-0007/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-02-15T00:10:31.081Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-11477\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-30T04:55:53.034971Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:7-zip:7zip:*:*:*:*:*:*:*:*\"], \"vendor\": \"7-zip\", \"product\": \"7zip\", \"versions\": [{\"status\": \"affected\", \"version\": \"24.06\", \"lessThan\": \"24.07\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-02T14:08:49.353Z\"}}], \"cna\": {\"title\": \"7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability\", \"source\": {\"lang\": \"en\", \"value\": \"Nicholas Zubrisky (@NZubrisky) of Trend Micro Security Research\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\"}}], \"affected\": [{\"vendor\": \"7-Zip\", \"product\": \"7-Zip\", \"versions\": [{\"status\": \"affected\", \"version\": \"24.06\"}], \"defaultStatus\": \"unknown\"}], \"datePublic\": \"2024-11-20T20:07:56.456Z\", \"references\": [{\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-24-1532/\", \"name\": \"ZDI-24-1532\", \"tags\": [\"x_research-advisory\"]}], \"dateAssigned\": \"2024-11-19T22:30:03.091Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\\n\\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-191\", \"description\": \"CWE-191: Integer Underflow (Wrap or Wraparound)\"}]}], \"providerMetadata\": {\"orgId\": \"99f1926a-a320-47d8-bbb5-42feb611262e\", \"shortName\": \"zdi\", \"dateUpdated\": \"2024-11-22T20:22:33.278Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-11477\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-15T00:10:31.081Z\", \"dateReserved\": \"2024-11-19T22:30:03.057Z\", \"assignerOrgId\": \"99f1926a-a320-47d8-bbb5-42feb611262e\", \"datePublished\": \"2024-11-22T20:22:33.278Z\", \"assignerShortName\": \"zdi\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
WID-SEC-W-2024-3512
Vulnerability from csaf_certbund
Published
2024-11-20 23:00
Modified
2024-11-20 23:00
Summary
7-Zip: Schwachstelle ermöglicht Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
7-Zip ist ein Extraktionsdienstprogramm für Archive, die im ZIP-Format komprimiert sind.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in 7-Zip ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "7-Zip ist ein Extraktionsdienstprogramm f\u00fcr Archive, die im ZIP-Format komprimiert sind.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in 7-Zip ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3512 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3512.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3512 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3512"
},
{
"category": "external",
"summary": "ZDI Advisory vom 2024-11-20",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1532/"
}
],
"source_lang": "en-US",
"title": "7-Zip: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2024-11-20T23:00:00.000+00:00",
"generator": {
"date": "2024-11-21T10:04:15.234+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3512",
"initial_release_date": "2024-11-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.07",
"product": {
"name": "Open Source 7-Zip \u003c24.07",
"product_id": "T039366"
}
},
{
"category": "product_version",
"name": "24.07",
"product": {
"name": "Open Source 7-Zip 24.07",
"product_id": "T039366-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:7-zip:7-zip:24.07"
}
}
}
],
"category": "product_name",
"name": "7-Zip"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11477",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in 7-Zip. Dieser Fehler betrifft die Zstandard-Dekomprimierung aufgrund des Fehlens einer ordnungsgem\u00e4\u00dfen Validierung der vom Benutzer bereitgestellten Daten, was zu einem Integer-Unterlauf vor dem Schreiben in den Speicher f\u00fchren kann. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code im Kontext des aktuellen Prozesses auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion, das Opfer muss mit der Zstandard-Bibliothek interagieren."
}
],
"product_status": {
"known_affected": [
"T039366"
]
},
"release_date": "2024-11-20T23:00:00.000+00:00",
"title": "CVE-2024-11477"
}
]
}
wid-sec-w-2024-3512
Vulnerability from csaf_certbund
Published
2024-11-20 23:00
Modified
2024-11-20 23:00
Summary
7-Zip: Schwachstelle ermöglicht Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
7-Zip ist ein Extraktionsdienstprogramm für Archive, die im ZIP-Format komprimiert sind.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in 7-Zip ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "7-Zip ist ein Extraktionsdienstprogramm f\u00fcr Archive, die im ZIP-Format komprimiert sind.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in 7-Zip ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3512 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3512.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3512 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3512"
},
{
"category": "external",
"summary": "ZDI Advisory vom 2024-11-20",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1532/"
}
],
"source_lang": "en-US",
"title": "7-Zip: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2024-11-20T23:00:00.000+00:00",
"generator": {
"date": "2024-11-21T10:04:15.234+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3512",
"initial_release_date": "2024-11-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.07",
"product": {
"name": "Open Source 7-Zip \u003c24.07",
"product_id": "T039366"
}
},
{
"category": "product_version",
"name": "24.07",
"product": {
"name": "Open Source 7-Zip 24.07",
"product_id": "T039366-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:7-zip:7-zip:24.07"
}
}
}
],
"category": "product_name",
"name": "7-Zip"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11477",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in 7-Zip. Dieser Fehler betrifft die Zstandard-Dekomprimierung aufgrund des Fehlens einer ordnungsgem\u00e4\u00dfen Validierung der vom Benutzer bereitgestellten Daten, was zu einem Integer-Unterlauf vor dem Schreiben in den Speicher f\u00fchren kann. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code im Kontext des aktuellen Prozesses auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion, das Opfer muss mit der Zstandard-Bibliothek interagieren."
}
],
"product_status": {
"known_affected": [
"T039366"
]
},
"release_date": "2024-11-20T23:00:00.000+00:00",
"title": "CVE-2024-11477"
}
]
}
opensuse-su-2025:15531-1
Vulnerability from csaf_opensuse
Published
2025-09-06 00:00
Modified
2025-09-06 00:00
Summary
libQt5Pdf5-5.15.19-1.1 on GA media
Notes
Title of the patch
libQt5Pdf5-5.15.19-1.1 on GA media
Description of the patch
These are all security issues fixed in the libQt5Pdf5-5.15.19-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15531
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libQt5Pdf5-5.15.19-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libQt5Pdf5-5.15.19-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15531",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15531-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-10229 page",
"url": "https://www.suse.com/security/cve/CVE-2024-10229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-10827 page",
"url": "https://www.suse.com/security/cve/CVE-2024-10827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11477 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-12694 page",
"url": "https://www.suse.com/security/cve/CVE-2024-12694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-55549 page",
"url": "https://www.suse.com/security/cve/CVE-2024-55549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0436 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1426 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2783 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3619 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3619/"
}
],
"title": "libQt5Pdf5-5.15.19-1.1 on GA media",
"tracking": {
"current_release_date": "2025-09-06T00:00:00Z",
"generator": {
"date": "2025-09-06T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15531-1",
"initial_release_date": "2025-09-06T00:00:00Z",
"revision_history": [
{
"date": "2025-09-06T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libQt5Pdf5-5.15.19-1.1.aarch64",
"product": {
"name": "libQt5Pdf5-5.15.19-1.1.aarch64",
"product_id": "libQt5Pdf5-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"product": {
"name": "libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"product_id": "libQt5PdfWidgets5-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"product": {
"name": "libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"product_id": "libqt5-qtpdf-devel-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"product": {
"name": "libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"product_id": "libqt5-qtpdf-examples-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"product": {
"name": "libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"product_id": "libqt5-qtpdf-imports-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"product": {
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"product_id": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-5.15.19-1.1.aarch64",
"product": {
"name": "libqt5-qtwebengine-5.15.19-1.1.aarch64",
"product_id": "libqt5-qtwebengine-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"product": {
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"product_id": "libqt5-qtwebengine-devel-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"product": {
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"product_id": "libqt5-qtwebengine-examples-5.15.19-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"product": {
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"product_id": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libQt5Pdf5-5.15.19-1.1.ppc64le",
"product": {
"name": "libQt5Pdf5-5.15.19-1.1.ppc64le",
"product_id": "libQt5Pdf5-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"product": {
"name": "libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"product_id": "libQt5PdfWidgets5-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"product": {
"name": "libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"product_id": "libqt5-qtpdf-devel-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"product": {
"name": "libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"product_id": "libqt5-qtpdf-examples-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"product": {
"name": "libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"product_id": "libqt5-qtpdf-imports-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"product": {
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"product_id": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"product": {
"name": "libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"product_id": "libqt5-qtwebengine-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"product": {
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"product_id": "libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"product": {
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"product_id": "libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"product": {
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"product_id": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libQt5Pdf5-5.15.19-1.1.s390x",
"product": {
"name": "libQt5Pdf5-5.15.19-1.1.s390x",
"product_id": "libQt5Pdf5-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libQt5PdfWidgets5-5.15.19-1.1.s390x",
"product": {
"name": "libQt5PdfWidgets5-5.15.19-1.1.s390x",
"product_id": "libQt5PdfWidgets5-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"product": {
"name": "libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"product_id": "libqt5-qtpdf-devel-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"product": {
"name": "libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"product_id": "libqt5-qtpdf-examples-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"product": {
"name": "libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"product_id": "libqt5-qtpdf-imports-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"product": {
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"product_id": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-5.15.19-1.1.s390x",
"product": {
"name": "libqt5-qtwebengine-5.15.19-1.1.s390x",
"product_id": "libqt5-qtwebengine-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"product": {
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"product_id": "libqt5-qtwebengine-devel-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"product": {
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"product_id": "libqt5-qtwebengine-examples-5.15.19-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"product": {
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"product_id": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libQt5Pdf5-5.15.19-1.1.x86_64",
"product": {
"name": "libQt5Pdf5-5.15.19-1.1.x86_64",
"product_id": "libQt5Pdf5-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"product": {
"name": "libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"product_id": "libQt5PdfWidgets5-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"product": {
"name": "libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"product_id": "libqt5-qtpdf-devel-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"product": {
"name": "libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"product_id": "libqt5-qtpdf-examples-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"product": {
"name": "libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"product_id": "libqt5-qtpdf-imports-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"product": {
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"product_id": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-5.15.19-1.1.x86_64",
"product": {
"name": "libqt5-qtwebengine-5.15.19-1.1.x86_64",
"product_id": "libqt5-qtwebengine-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"product": {
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"product_id": "libqt5-qtwebengine-devel-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"product": {
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"product_id": "libqt5-qtwebengine-examples-5.15.19-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64",
"product": {
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64",
"product_id": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libQt5Pdf5-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64"
},
"product_reference": "libQt5Pdf5-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libQt5Pdf5-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le"
},
"product_reference": "libQt5Pdf5-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libQt5Pdf5-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x"
},
"product_reference": "libQt5Pdf5-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libQt5Pdf5-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64"
},
"product_reference": "libQt5Pdf5-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libQt5PdfWidgets5-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64"
},
"product_reference": "libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libQt5PdfWidgets5-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le"
},
"product_reference": "libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libQt5PdfWidgets5-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x"
},
"product_reference": "libQt5PdfWidgets5-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libQt5PdfWidgets5-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64"
},
"product_reference": "libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-devel-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64"
},
"product_reference": "libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-devel-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le"
},
"product_reference": "libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-devel-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x"
},
"product_reference": "libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-devel-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64"
},
"product_reference": "libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-examples-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64"
},
"product_reference": "libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-examples-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le"
},
"product_reference": "libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-examples-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x"
},
"product_reference": "libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-examples-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64"
},
"product_reference": "libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-imports-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64"
},
"product_reference": "libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-imports-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le"
},
"product_reference": "libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-imports-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x"
},
"product_reference": "libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-imports-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64"
},
"product_reference": "libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64"
},
"product_reference": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le"
},
"product_reference": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x"
},
"product_reference": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64"
},
"product_reference": "libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64"
},
"product_reference": "libqt5-qtwebengine-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le"
},
"product_reference": "libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x"
},
"product_reference": "libqt5-qtwebengine-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64"
},
"product_reference": "libqt5-qtwebengine-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64"
},
"product_reference": "libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le"
},
"product_reference": "libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x"
},
"product_reference": "libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-devel-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64"
},
"product_reference": "libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64"
},
"product_reference": "libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le"
},
"product_reference": "libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x"
},
"product_reference": "libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-examples-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64"
},
"product_reference": "libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64"
},
"product_reference": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le"
},
"product_reference": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x"
},
"product_reference": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
},
"product_reference": "libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-10229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-10229"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-10229",
"url": "https://www.suse.com/security/cve/CVE-2024-10229"
},
{
"category": "external",
"summary": "SUSE Bug 1232060 for CVE-2024-10229",
"url": "https://bugzilla.suse.com/1232060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-10229"
},
{
"cve": "CVE-2024-10827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-10827"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-10827",
"url": "https://www.suse.com/security/cve/CVE-2024-10827"
},
{
"category": "external",
"summary": "SUSE Bug 1232843 for CVE-2024-10827",
"url": "https://bugzilla.suse.com/1232843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-10827"
},
{
"cve": "CVE-2024-11477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11477"
}
],
"notes": [
{
"category": "general",
"text": "7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11477",
"url": "https://www.suse.com/security/cve/CVE-2024-11477"
},
{
"category": "external",
"summary": "SUSE Bug 1233581 for CVE-2024-11477",
"url": "https://bugzilla.suse.com/1233581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-11477"
},
{
"cve": "CVE-2024-12694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-12694"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-12694",
"url": "https://www.suse.com/security/cve/CVE-2024-12694"
},
{
"category": "external",
"summary": "SUSE Bug 1234704 for CVE-2024-12694",
"url": "https://bugzilla.suse.com/1234704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-12694"
},
{
"cve": "CVE-2024-55549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-55549"
}
],
"notes": [
{
"category": "general",
"text": "xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-55549",
"url": "https://www.suse.com/security/cve/CVE-2024-55549"
},
{
"category": "external",
"summary": "SUSE Bug 1239637 for CVE-2024-55549",
"url": "https://bugzilla.suse.com/1239637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-55549"
},
{
"cve": "CVE-2025-0436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0436"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0436",
"url": "https://www.suse.com/security/cve/CVE-2025-0436"
},
{
"category": "external",
"summary": "SUSE Bug 1235892 for CVE-2025-0436",
"url": "https://bugzilla.suse.com/1235892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-0436"
},
{
"cve": "CVE-2025-0762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0762"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0762",
"url": "https://www.suse.com/security/cve/CVE-2025-0762"
},
{
"category": "external",
"summary": "SUSE Bug 1236586 for CVE-2025-0762",
"url": "https://bugzilla.suse.com/1236586"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-0762"
},
{
"cve": "CVE-2025-0996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0996"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0996",
"url": "https://www.suse.com/security/cve/CVE-2025-0996"
},
{
"category": "external",
"summary": "SUSE Bug 1237121 for CVE-2025-0996",
"url": "https://bugzilla.suse.com/1237121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-0996"
},
{
"cve": "CVE-2025-0999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0999"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0999",
"url": "https://www.suse.com/security/cve/CVE-2025-0999"
},
{
"category": "external",
"summary": "SUSE Bug 1237343 for CVE-2025-0999",
"url": "https://bugzilla.suse.com/1237343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-0999"
},
{
"cve": "CVE-2025-1426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1426"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1426",
"url": "https://www.suse.com/security/cve/CVE-2025-1426"
},
{
"category": "external",
"summary": "SUSE Bug 1237343 for CVE-2025-1426",
"url": "https://bugzilla.suse.com/1237343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-1426"
},
{
"cve": "CVE-2025-1919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1919"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1919",
"url": "https://www.suse.com/security/cve/CVE-2025-1919"
},
{
"category": "external",
"summary": "SUSE Bug 1238575 for CVE-2025-1919",
"url": "https://bugzilla.suse.com/1238575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-1919"
},
{
"cve": "CVE-2025-2136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2136"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2136",
"url": "https://www.suse.com/security/cve/CVE-2025-2136"
},
{
"category": "external",
"summary": "SUSE Bug 1239216 for CVE-2025-2136",
"url": "https://bugzilla.suse.com/1239216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-2136"
},
{
"cve": "CVE-2025-24201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24201"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24201",
"url": "https://www.suse.com/security/cve/CVE-2025-24201"
},
{
"category": "external",
"summary": "SUSE Bug 1239547 for CVE-2025-24201",
"url": "https://bugzilla.suse.com/1239547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-24201"
},
{
"cve": "CVE-2025-24855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24855"
}
],
"notes": [
{
"category": "general",
"text": "numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24855",
"url": "https://www.suse.com/security/cve/CVE-2025-24855"
},
{
"category": "external",
"summary": "SUSE Bug 1239625 for CVE-2025-24855",
"url": "https://bugzilla.suse.com/1239625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-24855"
},
{
"cve": "CVE-2025-2783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2783"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2783",
"url": "https://www.suse.com/security/cve/CVE-2025-2783"
},
{
"category": "external",
"summary": "SUSE Bug 1240084 for CVE-2025-2783",
"url": "https://bugzilla.suse.com/1240084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-2783"
},
{
"cve": "CVE-2025-3619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3619"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3619",
"url": "https://www.suse.com/security/cve/CVE-2025-3619"
},
{
"category": "external",
"summary": "SUSE Bug 1241288 for CVE-2025-3619",
"url": "https://bugzilla.suse.com/1241288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1.x86_64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.aarch64",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.ppc64le",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.s390x",
"openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-3619"
}
]
}
fkie_cve-2024-11477
Vulnerability from fkie_nvd
Published
2024-11-22 21:15
Modified
2025-02-15 01:15
Severity ?
Summary
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01AEC7B4-8443-4267-A0E3-3C41EDFFBB38",
"versionEndExcluding": "24.07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de enteros en la descompresi\u00f3n Zstandard de 7-Zip. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de 7-Zip. Se requiere la interacci\u00f3n con esta librer\u00eda para explotar esta vulnerabilidad, pero los vectores de ataque pueden variar seg\u00fan la implementaci\u00f3n. La falla espec\u00edfica existe dentro de la implementaci\u00f3n de la descompresi\u00f3n Zstandard. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar un desbordamiento de enteros antes de escribir en la memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24346."
}
],
"id": "CVE-2024-11477",
"lastModified": "2025-02-15T01:15:10.080",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-22T21:15:08.613",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1532/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20250214-0007/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
icsa-25-184-03
Vulnerability from csaf_cisa
Published
2025-07-03 06:00
Modified
2025-07-03 06:00
Summary
Mitsubishi Electric MELSOFT Update Manager
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, disclose information, alter information, or cause a denial-of-service (DoS) condition.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Japan
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
Do not click web links or open attachments in unsolicited email messages.
Recommended Practices
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Recommended Practices
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Recommended Practices
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities have a high attack complexity.
{
"document": {
"acknowledgments": [
{
"organization": "Mitsubishi Electric",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, disclose information, alter information, or cause a denial-of-service (DoS) condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Do not click web links or open attachments in unsolicited email messages.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities have a high attack complexity.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-25-184-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-184-03.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-25-184-03 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-184-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Mitsubishi Electric MELSOFT Update Manager",
"tracking": {
"current_release_date": "2025-07-03T06:00:00.000000Z",
"generator": {
"date": "2025-07-03T12:22:47.583814Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-184-03",
"initial_release_date": "2025-07-03T06:00:00.000000Z",
"revision_history": [
{
"date": "2025-07-03T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=1.000A|\u003c1.012N",
"product": {
"name": "Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M: \u003e=1.000A|\u003c1.012N",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "MELSOFT Update Manager SW1DND-UDM-M"
}
],
"category": "vendor",
"name": "Mitsubishi Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11477",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"category": "summary",
"text": "Mitsubishi Electric MELSOFT Update Manager is vulnerable to an Integer Underflow vulnerability in 7-zip, included in MELSOFT Update Manager, that could allow a remote attacker to execute arbitrary code by decompressing a specially crafted compressed file. As a result, the attacker may disclose, tamper with information, or cause a denial-of-service (DoS) condition on the product.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11477"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Mitsubishi Electric recommends users take the following actions to minimize the risk of exploiting these vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For customers in Japan:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Please download version 1.013P or later from the download site below, and follow the update procedure below (Note). Additionally, please verify the authenticity of the following download site in advance.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Download Site (in Japanese)",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.co.jp/fa/download/index.html"
},
{
"category": "mitigation",
"details": "Update Procedure:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Extract the downloaded file (in zip format).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Run \"setup.exe\" in the extracted folder to install.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Note: If you are using MELSOFT Update Manager version 1.012N and prior, please do not connect to the internet until the above update is complete. There is a risk that these vulnerabilities could be exploited.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For customers outside Japan:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For information about how to install the fixed version, please contact your local Mitsubishi Electric representative.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For customers who cannot immediately update the product, Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting these vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the PC with the affected product within the LAN and block remote logins from untrusted networks, hosts, and users.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When connecting the PC with the affected product to the internet, use a firewall, virtual private network (VPN), etc. to prevent unauthorized access and allow only trusted users to remote login.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to the PC with the affected product and the network to which the PC is connected to, to prevent unauthorized physical access .",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not click on web links in emails from untrusted sources. Also, do not open attachments in untrusted emails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install antivirus software on the PC with the affected product.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information, see Mitsubishi Electric 2025-006.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-006_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2025-0411",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "summary",
"text": "Mitsubishi Electric MELSOFT Update Manager is vulnerable to an Protection Mechanism Failure vulnerability in 7-zip, included in MELSOFT Update Manager, that could allow an attacker to execute arbitrary code by decompressing a specially crafted compressed file. As a result, the attacker may disclose, tamper with information, or cause a denial-of-service (DoS) condition on the product.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0411"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Mitsubishi Electric recommends users take the following actions to minimize the risk of exploiting these vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For customers in Japan:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Please download version 1.013P or later from the download site below, and follow the update procedure below (Note). Additionally, please verify the authenticity of the following download site in advance.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Download Site (in Japanese)",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.co.jp/fa/download/index.html"
},
{
"category": "mitigation",
"details": "Update Procedure:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Extract the downloaded file (in zip format).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Run \"setup.exe\" in the extracted folder to install.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Note: If you are using MELSOFT Update Manager version 1.012N and prior, please do not connect to the internet until the above update is complete. There is a risk that these vulnerabilities could be exploited.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For customers outside Japan:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For information about how to install the fixed version, please contact your local Mitsubishi Electric representative.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For customers who cannot immediately update the product, Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting these vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the PC with the affected product within the LAN and block remote logins from untrusted networks, hosts, and users.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When connecting the PC with the affected product to the internet, use a firewall, virtual private network (VPN), etc. to prevent unauthorized access and allow only trusted users to remote login.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to the PC with the affected product and the network to which the PC is connected to, to prevent unauthorized physical access .",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not click on web links in emails from untrusted sources. Also, do not open attachments in untrusted emails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install antivirus software on the PC with the affected product.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information, see Mitsubishi Electric 2025-006.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-006_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
ghsa-882h-ff2x-f86q
Vulnerability from github
Published
2024-11-22 21:32
Modified
2025-02-15 03:31
Severity ?
VLAI Severity ?
Details
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.
{
"affected": [],
"aliases": [
"CVE-2024-11477"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-22T21:15:08Z",
"severity": "HIGH"
},
"details": "7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.",
"id": "GHSA-882h-ff2x-f86q",
"modified": "2025-02-15T03:31:24Z",
"published": "2024-11-22T21:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11477"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250214-0007"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1532"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…