CVE-2018-19865 Information

Feb 14, 2021 cve

Description

A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x 5.8.x 5.9.x 5.10.x and 5.11.x before 5.11.3.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00085.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00086.html https://codereview.qt-project.org//c/243666/ https://codereview.qt-project.org//c/244569/ https://codereview.qt-project.org//c/244687/ https://codereview.qt-project.org//c/244845/ https://codereview.qt-project.org//c/245283/ https://codereview.qt-project.org//c/245293/ https://codereview.qt-project.org//c/245312/ https://codereview.qt-project.org//c/245638/ https://codereview.qt-project.org//c/245640/ https://codereview.qt-project.org//c/246630/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.5

Share on: