CVE-2023-51714

qt: incorrect integer overflow check

  • Severity Score: 9.8 (CVSS v3.1)
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)

Descriptions

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.

An integer overflow vulnerability was found in Qt. An incorrect HPack integer overflow check can lead to denial of service.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2023-12-22 CVE Reserved
  • 2023-12-24 CVE Published
  • 2024-05-01 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-190: Integer Overflow or Wraparound
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Qt | Qt | < 5.15.17 | - | Affected
Qt | Qt | >= 6.0.0 < 6.2.11 | - | Affected
Qt | Qt | >= 6.3.0 < 6.5.4 | - | Affected
Qt | Qt | >= 6.6.0 < 6.6.2 | - | Affected