Search for vulnerabilities
Vulnerability details: VCID-wrkz-qujy-aaak
Vulnerability ID VCID-wrkz-qujy-aaak
Aliases CVE-2023-51714
Summary An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
Status Published
Exploitability 0.5
Weighted Severity 8.8
Risk 4.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-190 Integer Overflow or Wraparound
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51714.json
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00137 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.00703 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
epss 0.01807 https://api.first.org/data/v1/epss?cve=CVE-2023-51714
cvssv3.1 6.2 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 9.8 https://nvd.nist.gov/vuln/detail/CVE-2023-51714
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2023-51714
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51714.json
https://api.first.org/data/v1/epss?cve=CVE-2023-51714
https://codereview.qt-project.org/c/qt/qtbase/+/524864
https://codereview.qt-project.org/c/qt/qtbase/+/524865/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51714
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html
1060693 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060693
2255856 https://bugzilla.redhat.com/show_bug.cgi?id=2255856
cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
CVE-2023-51714 https://nvd.nist.gov/vuln/detail/CVE-2023-51714
GLSA-202402-21 https://security.gentoo.org/glsa/202402-21
RHSA-2024:2276 https://access.redhat.com/errata/RHSA-2024:2276
RHSA-2024:3056 https://access.redhat.com/errata/RHSA-2024:3056
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51714.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-51714
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-51714
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.28532
EPSS Score 0.00063
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-01-03T17:14:28.088951+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2023-51714 34.0.0rc1