CVE-2023-24607

Published: Apr 15, 2023

Modified: Aug 2, 2024

PUBLISHED

Description

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.qt.io/blog/tag/security

https://codereview.qt-project.org/c/qt/qtbase/+/456216

https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217

https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238

https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff

https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d

https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin

[debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-24607

Description

Affected Products

References