CVE-2023-24607
Published Apr 15, 2023
Last updated 6 months ago
Overview
- Description
- Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82BC32FC-2B1F-4FD4-A368-DD37D7FCBA7E",
"versionEndExcluding": "5.15.13",
"versionStartIncluding": "5.0.0"
},
{
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4911A94E-AA2F-4017-8702-0AF092FF809F",
"versionEndExcluding": "6.2.8",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DC66FEF-0D94-4464-B9F8-800A1F9424C0",
"versionEndExcluding": "6.4.3",
"versionStartIncluding": "6.3.0"
}
],
"operator": "OR"
}
]
}
]