CVE-2018-21035

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-21035

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-21035.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-21035

Downstream

AZL-6833

DEBIAN-CVE-2018-21035

MGASA-2021-0270

RHSA-2020:4690

RLSA-2020:4690

UBUNTU-CVE-2018-21035

Related

ALSA-2020:4690

Published

2020-02-28T21:15:12.790Z

Modified

2026-05-15T12:03:30.466830967Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).

References

Affected packages