Lucene search
GoogleOSV:CVE-2023-32762HistoryMay 28, 2023 - 11:15 p.m.
CVE-2023-32762
2023-05-2823:15:09
Google
osv.dev
6
cve-2023-32762
unencrypted connections
server prohibition
An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
| CPE | Name | Operator | Version |
|---|---|---|---|
| qtbase | eq | 5.11.0-beta3 | |
| qtbase | eq | 5.0.0-beta2 | |
| qtbase | eq | 5.4.0-beta1 | |
| qtbase | eq | 5.4.0-alpha1 | |
| qtbase | eq | 5.6.0-beta1 | |
| qtbase | eq | 5.13.0-rc1 | |
| qtbase | eq | 5.0.2 | |
| qtbase | eq | 5.6.0 | |
| qtbase | eq | 5.15.0-alpha1 | |
| qtbase | eq | 5.14.0-beta3 |
Related
debiancve
debiancve
CVE-2023-32762
2023-05-28 23:15:09
qt
qt
Security Advisory: Qt Network
2023-05-23 00:00:00
nessus
nessus
Amazon Linux 2 : qt5-qtbase (ALAS-2023-2227)
2023-09-08 00:00:00
Fedora 37 : qt5-qtbase (2023-f42087b533)
2023-05-24 00:00:00
Fedora 38 : qt5-qtbase (2023-b9ead419b6)
2023-05-18 00:00:00
ubuntucve
ubuntucve
CVE-2023-32762
2023-05-28 00:00:00
veracode
veracode
Insecure Handling Of Strict-Transport-Security Header
2023-06-04 19:34:21
amazon
amazon
Medium: qt5-qtbase
2023-08-31 22:28:00
cve
cve
CVE-2023-32762
2023-05-28 23:15:09
prion
prion
Design/Logic Flaw
2023-05-28 23:15:00
cvelist
cvelist
CVE-2023-32762
2023-05-28 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-32762 affecting package qt5-qtbase for versions less than 5.12.11-8
2023-05-25 09:38:10
CVE-2023-32762 affecting package qt5-qtbase 5.12.11-5
2023-06-27 21:25:25
alpinelinux
alpinelinux
CVE-2023-32762
2023-05-28 23:15:09
mageia
mageia
Updated qtbase5 packages fix security vulnerability
2023-05-31 09:41:32
fedora
fedora
[SECURITY] Fedora 38 Update: qt5-qtbase-5.15.9-3.fc38
2023-05-18 01:59:19
[SECURITY] Fedora 37 Update: qt5-qtbase-5.15.9-3.fc37
2023-05-24 01:15:12
openvas
openvas
Fedora: Security Advisory for qt5-qtbase (FEDORA-2023-f42087b533)
2023-05-25 00:00:00
Mageia: Security Advisory (MGASA-2023-0190)
2023-06-01 00:00:00
Fedora: Security Advisory for qt5-qtbase (FEDORA-2023-b9ead419b6)
2023-05-19 00:00:00
gentoo
gentoo
QtNetwork: Multiple Vulnerabilities
2024-02-18 00:00:00
debian
debian
[SECURITY] [DLA 3805-1] qtbase-opensource-src security update
2024-04-30 23:30:28
osv
osv
qtbase-opensource-src - security update
2024-05-01 00:00:00