Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-32762
HistoryMay 28, 2023 - 11:15 p.m.

Design/Logic Flaw

2023-05-2823:15:00
PRIOn knowledge base
www.prio-n.com
12
qt
design/logic flaw
network
hsts
unencrypted connections
server restriction

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

40.2%

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.