AZL-26048

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-26048.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-26048

Upstream

CVE-2023-24607

Published

2023-04-15T01:15:07Z

Modified

2026-04-01T05:08:13.826492Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2023-24607 affecting package qt5-qtbase for versions less than 5.15.9-1

Details

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-24607

Affected packages

Azure Linux:2 / qt5-qtbase

Package

Name: qt5-qtbase
Purl: pkg:rpm/azure-linux/qt5-qtbase

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.9-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-26048.json"