Lucene search

K
cvelistMitreCVELIST:CVE-2023-32762
HistoryMay 28, 2023 - 12:00 a.m.

CVE-2023-32762

2023-05-2800:00:00
mitre
www.cve.org
2
cve-2023-32762
qt
network
hsts
header
parsing
vulnerability
unencrypted
connections
strict-transport-security

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

40.2%

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.