CVE-2020-24742 — Path Traversal in QT

CWE-22 — Path Traversal6 documents6 sources

Severity

7.8HIGHNVD

EPSS

0.8%

top 25.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

QT Debian Qtbase-opensource-src Debian Qtbase-opensource-src-gles +3 more

Timeline

PublishedAug 9

Latest updateMay 24

Description

An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

▶NVDqt/qt5.6.0 — 5.12.7+1

▶debiandebian/qtbase-opensource-src< qtbase-opensource-src 5.12.5+dfsg-8 (bookworm)

▶debiandebian/qtbase-opensource-src-gles< qtbase-opensource-src 5.12.5+dfsg-8 (bookworm)

▶msrcmsrc/cbl_mariner_2.0_arm

▶msrcmsrc/cbl_mariner_2.0_x64

Patches

Patch: codereview.qt-project.org ↗Patch: codereview.qt-project.org ↗

🔴Vulnerability Details

GHSA

GHSA-r23c-fjj8-522c: An issue has been fixed in Qt versions 5↗2022-05-24

▶

OSV

CVE-2020-24742: An issue has been fixed in Qt versions 5↗2021-08-09

▶

📋Vendor Advisories

Red Hat

qt: QPluginLoader loads plugins relative to CWD which could result in arbitrary code execution↗2021-08-10

▶

Microsoft

An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory allowing attackers to execute arbitrary code via crafted files.↗2021-08-10

▶

Debian

CVE-2020-24742: qtbase-opensource-src - An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to lo...↗2020

▶