The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1665 advisory.

  - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)

  - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)

  - qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)

  - qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp (CVE-2019-18281)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 8 : qt5 (RHSA-2020:1665)

medium Nessus Plugin ID 136117

Version 1.10