What is CVE-2023-24607?

CVE-2023-24607 is a high-severity vulnerability in Qt. CVSS score: 7.5/10. Published 2023-04-15.

How severe is CVE-2023-24607?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Qt

CVE-2023-24607

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.

EPSS: 0.013 (67.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Qt
N/a — versions n/a

References

cve@mitre.org (Release Notes)
cve@mitre.org (Issue Tracking)
cve@mitre.org (Permissions Required)
cve@mitre.org (Permissions Required)
cve@mitre.org (Vendor Advisory)
cve@mitre.org (Patch, Third Party Advisory)
cve@mitre.org (Product)
cve@mitre.org (mailing-list)

Frequently asked questions

What is CVE-2023-24607?: CVE-2023-24607 is a high-severity vulnerability in Qt. CVSS score: 7.5/10. Published 2023-04-15.
How severe is CVE-2023-24607?: High severity. CVSS v3 base score is 7.5 out of 10.