MiracleLinux 8 : qt5-qtbase-5.12.5-6.el8, qt5-qttools-5.12.5-2.el8, qt5-qtwebsockets-5.12.5-2.el8 (AXSA:2021-1450:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1450:01 advisory. qt: XML entity expansion vulnerability CVE-2015-9541 qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages...

Denial Of Service (DoS)

qt5 is vulnerable to denial of service. An incorrect call to SSLshutdown during mid-handshake causes a denial of service condition in TLS applications...