Ubuntu: Security Advisory (USN-8076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-8076-1 qtbase-opensource-src vulnerabilities

It was discovered that Qt did not correctly handle OpenSSL's error queue. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 20.04 LTS. CVE-2020-13962 It was discovered that Qt incorrectly handled certain XBM image files. If a user or...

EUVD-2020-6136

Malware in sbrugna...

SUSE CVE-2020-13962

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails...

Qt 5.12.2 through 5.14.2 as used in unofficial builds of Mumble 1.3.0 and other products mishandles OpenSSL's error queue which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected regardless of the Qt version.)

...

Oracle Linux 8 : qt5-qtbase / and / qt5-qtwebsockets (ELSA-2020-4690)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4690 advisory. qt5-qtbase 5.12.5-6 - OpenSSL: handle SSLshutdowns errors properly Resolves: bz1851538 5.12.5-5 - Fix: Files placed by attacker can influence the worki...

qt5: incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails...

AZL-6835 CVE-2020-13962 affecting package qt5-qtsvg for versions less than 5.12.11-3

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails...

DEBIAN-CVE-2020-13962

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails...

UBUNTU-CVE-2020-13962

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails...

FreeBSD : lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability (1ac77649-0908-11dd-974d-000fea2763ce)

Secunia reports : A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS Denial of Service. The vulnerability is caused due to lighttpd not properly clearing the OpenSSL error queue. This can be exploited to close concurrent SSL connections of...

CVE-2005-2532

OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service client disconnection via a large number of packets that can not be decrypted...