What is CVE-2020-24742?

CVE-2020-24742 is a high-severity vulnerability in Qt. CVSS score: 7.8/10. Published 2021-08-09.

How severe is CVE-2020-24742?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Qt

CVE-2020-24742

An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.

EPSS: 0.012 (63.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Qt
N/a — versions n/a

References

cve@mitre.org (Patch, x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2020-24742?: CVE-2020-24742 is a high-severity vulnerability in Qt. CVSS score: 7.8/10. Published 2021-08-09.
How severe is CVE-2020-24742?: High severity. CVSS v3 base score is 7.8 out of 10.