Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Qt 5.6 contains security vulnerabilities #3344

Closed
torusrxxx opened this issue May 3, 2024 · 1 comment
Closed

Qt 5.6 contains security vulnerabilities #3344

torusrxxx opened this issue May 3, 2024 · 1 comment

Comments

@torusrxxx
Copy link
Member

As I was investigating and patching CVE-2023-4863 in another project, I also found Qt 5.6 used by x64dbg needs to be patched as well. More information is available at https://www.qt.io/blog/two-qt-security-advisorys-gdi-font-engine-webp-image-format
@mrexodia
Copy link
Member

I don't think these patches are relevant for x64dbg, considering a user needs to add a corrupt font and no WebP is being rendered. Security issues would be relevant if opening/running an executable would trigger a crash or code execution in the x64dbg process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mrexodia @torusrxxx