SUSE SLED15 / SLES15 / openSUSE 15 Security Update : qt6-base (SUSE-SU-2024:0063-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0063-1 advisory. - An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x...

Security advisory: Potential Integer Overflow in Qt's HTTP2 implementation

A recently reported potential integer overflow issue in Qt’s HTTP2 implementation has been assigned the CVE id CVE-2023-51714. An issue was discovered in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. If the HTTP2 implementation receives more then...

SUSE CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

AZL-38245 CVE-2023-51714 affecting package qtbase for versions less than 6.6.2-1

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

Integer overflow

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

UBUNTU-CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

CVE-2023-51714

The CVE-2023-51714 entry concerns Qt’s HTTP/2 HPack handling: an incorrect HPack integer overflow check in network/access/http2/hpacktable.cpp affects Qt base components. Affected are Qt before 5.15.17, 6.x before 6.2.11, 6.3.x–6.5.x before 6.5.4, and 6.6.x before 6.6.2. The issue’s impact is des...

CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

Oracle Linux 8 : conmon (ELSA-2023-13054)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13054 advisory. - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-44487 and CVE-2023-39325 - address CVE-2023-44487 and...

Security Bulletin: IBM Storage Protect is vulnerable to multiple attacks due to http2-server and http2-common (CVE-2023-44487)

Summary IBM Storage Protect Server uses the http2-server and http2-common components and may be vulnerable to denial of service caused by a flaw in handling multiplexed streams in the HTTP/2 protocol. Vulnerability Details CVEID:CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a...

QtNetwork -- potential buffer overflow

Andy Shaw reports: A potential integer overflow has been discovered in Qt's HTTP2 implementation. If the HTTP2 implementation receives more than 4GiB in total headers, or more than 2GiB for any given header pair, then the internal buffers may overflow...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.11.55 security update

Red Hat OpenShift Container Platform release 4.11.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...

Oracle Linux 7 : conmon (ELSA-2023-13029)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13029 advisory. - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 cri-tools - Resolve CVE-2023-39325 flannel-cni-plugin - Resolve CVE-2023-44487 and CVE-2023-39325 he...

Fedora 38 : gmailctl (2023-6f4c5b6331)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-6f4c5b6331 advisory. upgrade to v0.10.7, close rhbz2249798 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.6 security update on RHEL 9

New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Fedora 39 : prometheus-podman-exporter (2023-b75ee820ce)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b75ee820ce advisory. release v1.5.0 + security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...