PT-2020-13805 · Qt Company+9 · Qt+9

Davidebeatrici

·

Published

2020-06-08

·

Updated

2026-03-05

·

CVE-2020-13962

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Qt versions 5.12.2 through 5.14.2
Description The issue mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails.
Recommendations For Qt versions 5.12.2 through 5.14.2, consider updating to a version where this issue is resolved, as the current version can cause a denial of service to QSslSocket users due to the mishandling of OpenSSL's error queue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

ALSA-2020:4690
ALT-PU-2020-2152
ALT-PU-2020-2266
ALT-PU-2020-2267
ALT-PU-2020-2268
ALT-PU-2020-2269
ALT-PU-2020-2270
ALT-PU-2020-2271
ALT-PU-2020-2272
ALT-PU-2020-2273
ALT-PU-2020-2274
ALT-PU-2020-2275
ALT-PU-2020-2276
ALT-PU-2020-2277
ALT-PU-2020-2278
ALT-PU-2020-2279
ALT-PU-2020-2280
ALT-PU-2020-2281
ALT-PU-2020-2282
ALT-PU-2020-2283
ALT-PU-2020-2284
ALT-PU-2020-2285
ALT-PU-2020-2286
ALT-PU-2020-2287
ALT-PU-2020-2288
ALT-PU-2020-2289
ALT-PU-2020-2290
ALT-PU-2020-2291
ALT-PU-2020-2292
ALT-PU-2020-2293
ALT-PU-2020-2294
ALT-PU-2020-2295
ALT-PU-2020-2296
ALT-PU-2020-2297
ALT-PU-2020-2298
ALT-PU-2020-2374
ALT-PU-2020-2375
ALT-PU-2020-2376
ALT-PU-2020-2377
ALT-PU-2020-2378
ALT-PU-2020-2379
ALT-PU-2020-2380
ALT-PU-2020-2381
ALT-PU-2020-2382
ALT-PU-2020-2383
ALT-PU-2020-2384
ALT-PU-2020-2385
ALT-PU-2020-2386
ALT-PU-2020-2387
ALT-PU-2020-2388
ALT-PU-2020-2389
ALT-PU-2020-2390
ALT-PU-2020-2391
ALT-PU-2020-2392
ALT-PU-2020-2393
ALT-PU-2020-2394
ALT-PU-2020-2395
ALT-PU-2020-2396
ALT-PU-2020-2397
ALT-PU-2020-2398
ALT-PU-2020-2399
ALT-PU-2020-2400
ALT-PU-2020-2401
ALT-PU-2020-2402
ALT-PU-2020-2403
ALT-PU-2020-2404
ALT-PU-2020-2405
ALT-PU-2020-2406
ALT-PU-2020-2407
AZL-6835
CESA-2020_4690
CVE-2020-13962
MGASA-2021-0200
OPENSUSE-SU-2020:1319-1
OPENSUSE-SU-2020_1319-1
OPENSUSE-SU-2024:11742-1
RHSA-2020:4690
RHSA-2020_4690
RLSA-2020:4690
SUSE-SU-2020:2357-1
SUSE-SU-2020_2357-1
USN-8076-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Openssl
Qt
Red Hat
Rocky Linux
Suse
Ubuntu