In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qt | Qt | * | 5.15.15 (excluding) |
| Qt | Qt | 6.0.0 (including) | 6.2.9 (excluding) |
| Qt | Qt | 6.3.0 (including) | 6.5.2 (excluding) |
| Red Hat Enterprise Linux 8 | RedHat | qt5-qtbase-0:5.15.3-5.el8 | * |
| Red Hat Enterprise Linux 9 | RedHat | qt5-qtbase-0:5.15.9-7.el9 | * |
| Qt4-x11 | Ubuntu | bionic | * |
| Qt4-x11 | Ubuntu | trusty | * |
| Qt4-x11 | Ubuntu | trusty/esm | * |
| Qt4-x11 | Ubuntu | xenial | * |
| Qt6-base | Ubuntu | bionic | * |
| Qt6-base | Ubuntu | lunar | * |
| Qt6-base | Ubuntu | mantic | * |
| Qt6-base | Ubuntu | oracular | * |
| Qt6-base | Ubuntu | trusty | * |
| Qt6-base | Ubuntu | xenial | * |
| Qtbase-opensource-src | Ubuntu | bionic | * |
| Qtbase-opensource-src | Ubuntu | esm-apps/focal | * |
| Qtbase-opensource-src | Ubuntu | esm-apps/jammy | * |
| Qtbase-opensource-src | Ubuntu | esm-infra/bionic | * |
| Qtbase-opensource-src | Ubuntu | esm-infra/xenial | * |
| Qtbase-opensource-src | Ubuntu | focal | * |
| Qtbase-opensource-src | Ubuntu | jammy | * |
| Qtbase-opensource-src | Ubuntu | lunar | * |
| Qtbase-opensource-src | Ubuntu | mantic | * |
| Qtbase-opensource-src | Ubuntu | trusty | * |
| Qtbase-opensource-src | Ubuntu | upstream | * |
| Qtbase-opensource-src | Ubuntu | xenial | * |
| Qtbase-opensource-src-gles | Ubuntu | bionic | * |
| Qtbase-opensource-src-gles | Ubuntu | focal | * |
| Qtbase-opensource-src-gles | Ubuntu | lunar | * |
| Qtbase-opensource-src-gles | Ubuntu | mantic | * |
| Qtbase-opensource-src-gles | Ubuntu | oracular | * |
| Qtbase-opensource-src-gles | Ubuntu | trusty | * |
| Qtbase-opensource-src-gles | Ubuntu | xenial | * |