CVE-2023-24607

HIGH

Qt 5.0.0-5.15.13 - Denial of Service via SQL ODBC Driver Plugin

Title source: llm
STIX 2.1

Description

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.

Scores

CVSS v3 7.5
EPSS 0.0132
EPSS Percentile 67.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (1)
qt/qt 5.0.0 - 5.15.13
Published Apr 15, 2023
Tracked Since Feb 18, 2026