Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-24607

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.

Published

2023-04-15T01:15:07.043

Last Modified

2024-11-21T07:48:13.813

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	qt	qt	< 5.15.13	Yes
Application	qt	qt	< 6.2.8	Yes
Application	qt	qt	< 6.4.3	Yes

References

https://codereview.qt-project.org/c/qt/qtbase/+/456216 Issue Tracking ([email protected])
https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217 Permissions Required ([email protected])
https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238 Permissions Required ([email protected])
https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff Vendor Advisory ([email protected])
https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d Patch, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html ([email protected])
https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin Product ([email protected])
https://www.qt.io/blog/tag/security Release Notes ([email protected])
https://codereview.qt-project.org/c/qt/qtbase/+/456216 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)
https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html (af854a3a-2127-422b-91ae-364da2661108)
https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin Product (af854a3a-2127-422b-91ae-364da2661108)
https://www.qt.io/blog/tag/security Release Notes (af854a3a-2127-422b-91ae-364da2661108)