CVE-2018-21035

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

https://bugreports.qt.io/browse/QTBUG-70693
https://bugreports.qt.io/browse/QTBUG-70693
https://codereview.qt-project.org/c/qt/qtwebsockets/+/284735
https://codereview.qt-project.org/c/qt/qtwebsockets/+/284735

Published: 2020-11-23
Modified: 2024-11-21

CVE-2020-0569

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

Severity: MEDIUM (5.7) Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00338.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00338.html

Version: 2.1.0

Package qt5-graphicaleffects update in sisyphus on 2020-08-13

ALT-PU-2020-2574-1

Closed vulnerabilities

CVE-2018-21035

CVE-2020-0569