Wind River Support Network

HomeDefectsLIN1021-5811
Fixed

LIN1021-5811 : Security Advisory - qtbase - CVE-2023-32762

Created: May 18, 2023    Updated: Aug 10, 2023
Resolved Date: Aug 10, 2023
Found In Version: 10.21.20.1
Fix Version: 10.21.20.19
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.

https://nvd.nist.gov/vuln/detail/CVE-2023-32762

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube