{"id":"UBUNTU-CVE-2018-19865","details":"A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3.","modified":"2026-05-20T16:03:36.178832844Z","published":"2018-12-05T11:29:00Z","upstream":["CVE-2018-19865"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-19865"},{"type":"REPORT","url":"http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/243666/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/244569/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/244687/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/244845/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/245283/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/245293/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/245312/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/245638/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/245640/"},{"type":"REPORT","url":"https://codereview.qt-project.org/#/c/246630/"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2018-19865"}],"affected":[{"package":{"name":"qtvirtualkeyboard-opensource-src","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/qtvirtualkeyboard-opensource-src?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.9.1+dfsg-3","5.9.2+dfsg-1build1","5.9.3+dfsg-0ubuntu2","5.9.4+dfsg-0ubuntu1","5.9.4+dfsg-0ubuntu2","5.9.4+dfsg-0ubuntu3","5.9.5+dfsg-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"qml-module-qtquick-virtualkeyboard","binary_version":"5.9.5+dfsg-0ubuntu1"},{"binary_name":"qtvirtualkeyboard-plugin","binary_version":"5.9.5+dfsg-0ubuntu1"},{"binary_name":"qtvirtualkeyboard5-examples","binary_version":"5.9.5+dfsg-0ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-19865.json"}},{"package":{"name":"qtvirtualkeyboard-opensource-src","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/qtvirtualkeyboard-opensource-src?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.12.4+dfsg-1","5.12.5+dfsg-1","5.12.5+dfsg-2","5.12.5+dfsg-2build1","5.12.8+dfsg-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"libqt5hunspellinputmethod5","binary_version":"5.12.8+dfsg-0ubuntu1"},{"binary_name":"libqt5virtualkeyboard5","binary_version":"5.12.8+dfsg-0ubuntu1"},{"binary_name":"qml-module-qtquick-virtualkeyboard","binary_version":"5.12.8+dfsg-0ubuntu1"},{"binary_name":"qtvirtualkeyboard-plugin","binary_version":"5.12.8+dfsg-0ubuntu1"},{"binary_name":"qtvirtualkeyboard5-doc-html","binary_version":"5.12.8+dfsg-0ubuntu1"},{"binary_name":"qtvirtualkeyboard5-examples","binary_version":"5.12.8+dfsg-0ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-19865.json"}},{"package":{"name":"qtvirtualkeyboard-opensource-src","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/qtvirtualkeyboard-opensource-src?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.15.2+dfsg-2","5.15.3+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libqt5hunspellinputmethod5","binary_version":"5.15.3+dfsg-1"},{"binary_name":"libqt5virtualkeyboard5","binary_version":"5.15.3+dfsg-1"},{"binary_name":"qml-module-qtquick-virtualkeyboard","binary_version":"5.15.3+dfsg-1"},{"binary_name":"qtvirtualkeyboard-plugin","binary_version":"5.15.3+dfsg-1"},{"binary_name":"qtvirtualkeyboard5-doc-html","binary_version":"5.15.3+dfsg-1"},{"binary_name":"qtvirtualkeyboard5-examples","binary_version":"5.15.3+dfsg-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-19865.json"}},{"package":{"name":"qtvirtualkeyboard-opensource-src","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/qtvirtualkeyboard-opensource-src?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.15.10+dfsg-2","5.15.12+dfsg-1","5.15.12+dfsg-1build1","5.15.12+dfsg-1build2","5.15.13+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libqt5hunspellinputmethod5","binary_version":"5.15.13+dfsg-1"},{"binary_name":"libqt5virtualkeyboard5","binary_version":"5.15.13+dfsg-1"},{"binary_name":"qml-module-qtquick-virtualkeyboard","binary_version":"5.15.13+dfsg-1"},{"binary_name":"qtvirtualkeyboard-plugin","binary_version":"5.15.13+dfsg-1"},{"binary_name":"qtvirtualkeyboard5-doc-html","binary_version":"5.15.13+dfsg-1"},{"binary_name":"qtvirtualkeyboard5-examples","binary_version":"5.15.13+dfsg-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-19865.json"}},{"package":{"name":"qtvirtualkeyboard-opensource-src","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/qtvirtualkeyboard-opensource-src?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.15.17+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libqt5hunspellinputmethod5","binary_version":"5.15.17+dfsg-1"},{"binary_name":"libqt5virtualkeyboard5","binary_version":"5.15.17+dfsg-1"},{"binary_name":"qml-module-qtquick-virtualkeyboard","binary_version":"5.15.17+dfsg-1"},{"binary_name":"qtvirtualkeyboard-plugin","binary_version":"5.15.17+dfsg-1"},{"binary_name":"qtvirtualkeyboard5-doc-html","binary_version":"5.15.17+dfsg-1"},{"binary_name":"qtvirtualkeyboard5-examples","binary_version":"5.15.17+dfsg-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-19865.json"}},{"package":{"name":"qtvirtualkeyboard-opensource-src","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/qtvirtualkeyboard-opensource-src?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.15.17+dfsg-1","5.15.17+dfsg-2","5.15.18+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libqt5hunspellinputmethod5","binary_version":"5.15.18+dfsg-1"},{"binary_name":"libqt5virtualkeyboard5","binary_version":"5.15.18+dfsg-1"},{"binary_name":"qml-module-qtquick-virtualkeyboard","binary_version":"5.15.18+dfsg-1"},{"binary_name":"qtvirtualkeyboard-plugin","binary_version":"5.15.18+dfsg-1"},{"binary_name":"qtvirtualkeyboard5-doc-html","binary_version":"5.15.18+dfsg-1"},{"binary_name":"qtvirtualkeyboard5-examples","binary_version":"5.15.18+dfsg-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-19865.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]}