CVE-2020-0570
- Source
- https://cve.org/CVERecord?id=CVE-2020-0570
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-0570.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-0570
- Downstream
- Related
- Published
- 2020-09-14T19:15:10.583Z
- Modified
- 2026-02-03T07:09:11.152477Z
- Severity
-
- 7.3 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
- References
-
- https://bugreports.qt.io/browse/QTBUG-81272
- https://bugzilla.redhat.com/show_bug.cgi?id=1800604
- https://lists.qt-project.org/pipermail/development/2020-January/038534.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1800604
- https://bugreports.qt.io/browse/QTBUG-81272
- https://bugzilla.redhat.com/show_bug.cgi?id=1800604
- https://lists.qt-project.org/pipermail/development/2020-January/038534.html
- https://bugreports.qt.io/browse/QTBUG-81272
Affected packages
Git / github.com/qt/qt5
Affected versions
v5.*
v5.10.0
v5.10.0-rc3
v5.10.1
v5.11.0
v5.11.0-alpha1
v5.11.0-beta1
v5.11.0-beta2
v5.11.0-beta3
v5.11.0-beta4
v5.11.0-rc1
v5.11.0-rc2
v5.11.1
v5.11.2
v5.11.3
v5.12.0
v5.12.0-alpha1
v5.12.0-beta1
v5.12.0-beta2
v5.12.0-beta3
v5.12.0-beta4
v5.12.0-rc1
v5.12.0-rc2
v5.12.1
v5.12.2
v5.12.3
v5.12.4
v5.12.5
v5.12.6
v5.13.0
v5.13.0-rc3
v5.13.1
v5.14.0-alpha1
v5.14.0-beta1
v5.14.0-beta2
v5.14.0-beta3
v5.14.0-rc1
v5.9.4
Git / github.com/qt/qtbase
Affected versions
v5.*
v5.10.0
v5.10.0-rc3
v5.10.1
v5.11.0
v5.11.0-alpha1
v5.11.0-beta1
v5.11.0-beta2
v5.11.0-beta3
v5.11.0-beta4
v5.11.0-rc1
v5.11.0-rc2
v5.11.1
v5.11.2
v5.11.3
v5.12.0
v5.12.0-alpha1
v5.12.0-beta1
v5.12.0-beta2
v5.12.0-beta3
v5.12.0-beta4
v5.12.0-rc1
v5.12.0-rc2
v5.12.1
v5.12.2
v5.12.3
v5.12.4
v5.12.5
v5.12.6
v5.13.0
v5.13.0-alpha1
v5.13.0-beta1
v5.13.0-beta2
v5.13.0-beta3
v5.13.0-beta4
v5.13.0-rc1
v5.13.0-rc2
v5.13.0-rc3
v5.13.1
v5.13.2
v5.14.0-alpha1
v5.14.0-beta1
v5.14.0-beta2
v5.14.0-beta3
v5.14.0-rc1
v5.9.4
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/corelib/time/qcalendar.cpp",
"function": "QCalendarBackend::fromEnum"
},
"source": "https://github.com/qt/qtbase/commit/2a887a517eaaa2c5324aecf3b919899b7a86ff4a",
"id": "CVE-2020-0570-c7889054",
"digest": {
"function_hash": "71332152841244748522602606891732985491",
"length": 891.0
}
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/corelib/time/qcalendar.cpp"
},
"source": "https://github.com/qt/qtbase/commit/2a887a517eaaa2c5324aecf3b919899b7a86ff4a",
"id": "CVE-2020-0570-e28156da",
"digest": {
"line_hashes": [
"126256747252800817208418696187723556533",
"150756843560902081956306707431697914063",
"336797157278032097828194484489526761035",
"206439151709090235265677738535943131187",
"114906715666850331827204257559836080037",
"134665350989241518761002595505043291334",
"337821674886944546617969196960834263196",
"274920186207822786761532454224035700681"
],
"threshold": 0.9
}
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-0570.json"