Vulnerability Details CVE-2018-19865
A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00085.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00086.html
- https://codereview.qt-project.org/#/c/243666/
- https://codereview.qt-project.org/#/c/244569/
- https://codereview.qt-project.org/#/c/244687/
- https://codereview.qt-project.org/#/c/244845/
- https://codereview.qt-project.org/#/c/245283/
- https://codereview.qt-project.org/#/c/245293/
- https://codereview.qt-project.org/#/c/245312/
- https://codereview.qt-project.org/#/c/245638/
- https://codereview.qt-project.org/#/c/245640/
- https://codereview.qt-project.org/#/c/246630/
- http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00085.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00086.html
- https://codereview.qt-project.org/#/c/243666/
- https://codereview.qt-project.org/#/c/244569/
- https://codereview.qt-project.org/#/c/244687/
- https://codereview.qt-project.org/#/c/244845/
- https://codereview.qt-project.org/#/c/245283/
- https://codereview.qt-project.org/#/c/245293/
- https://codereview.qt-project.org/#/c/245312/
- https://codereview.qt-project.org/#/c/245638/
- https://codereview.qt-project.org/#/c/245640/
- https://codereview.qt-project.org/#/c/246630/
Products affected by CVE-2018-19865
-
cpe:2.3:a:qt:qt:5.10.0
-
cpe:2.3:a:qt:qt:5.10.1
-
cpe:2.3:a:qt:qt:5.11.0
-
cpe:2.3:a:qt:qt:5.11.1
-
cpe:2.3:a:qt:qt:5.11.2
-
cpe:2.3:a:qt:qt:5.7.0
-
cpe:2.3:a:qt:qt:5.7.1
-
cpe:2.3:a:qt:qt:5.8.0
-
cpe:2.3:a:qt:qt:5.9.0
-
cpe:2.3:a:qt:qt:5.9.1
-
cpe:2.3:a:qt:qt:5.9.2
-
cpe:2.3:a:qt:qt:5.9.3
-
cpe:2.3:a:qt:qt:5.9.4
-
cpe:2.3:a:qt:qt:5.9.5
-
cpe:2.3:a:qt:qt:5.9.6
-
cpe:2.3:a:qt:qt:5.9.7
-
cpe:2.3:o:opensuse:leap:15.0