CVE-2023-24607

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*

History

01 May 2024, 01:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html -

24 Apr 2023, 20:10

Type Values Removed Values Added
CWE NVD-CWE-noinfo
References (MISC) https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238 - (MISC) https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238 - Permissions Required
References (MISC) https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff - (MISC) https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff - Vendor Advisory
References (MISC) https://codereview.qt-project.org/c/qt/qtbase/+/456216 - (MISC) https://codereview.qt-project.org/c/qt/qtbase/+/456216 - Issue Tracking
References (MISC) https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217 - (MISC) https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217 - Permissions Required
References (MISC) https://www.qt.io/blog/tag/security - (MISC) https://www.qt.io/blog/tag/security - Release Notes
References (MISC) https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin - (MISC) https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin - Product
References (MISC) https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d - (MISC) https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d - Patch, Third Party Advisory
CPE cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

15 Apr 2023, 02:25

Type Values Removed Values Added
New CVE

Information

Published : 2023-04-15 01:15

Updated : 2024-05-01 01:15


NVD link : CVE-2023-24607

Mitre link : CVE-2023-24607

CVE.ORG link : CVE-2023-24607


JSON object : View

Products Affected

qt

  • qt