CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
76.3%
setMarkdown in Qt before 5.14.2 has a use-after-free related to
QTextMarkdownImporter::insertBlock.
Author | Note |
---|---|
leosilva | QTextMarkdownImporter was added in version 5.13. |
bugs.chromium.org/p/oss-fuzz/issues/detail?id=20450
codereview.qt-project.org/c/qt/qtbase/+/291706
codereview.qt-project.org/gitweb?p=qt%2Fqtbase.git;a=commit;h=7447e2b337f12b4d04935d0f30fc673e4327d5a0
launchpad.net/bugs/cve/CVE-2020-12267
nvd.nist.gov/vuln/detail/CVE-2020-12267
security-tracker.debian.org/tracker/CVE-2020-12267
www.cve.org/CVERecord?id=CVE-2020-12267
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
76.3%