Описание
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | qt5-qtwebsockets | Will not fix | ||
| Red Hat Enterprise Linux 8 | qt5-qtbase | Fixed | RHSA-2020:4690 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | qt5-qttools | Fixed | RHSA-2020:4690 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | qt5-qtwebsockets | Fixed | RHSA-2020:4690 | 04.11.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB f ...
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
Уязвимость компонента WebSocket кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3