Vulnerability Details CVE-2020-24742
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2020-24742
-
cpe:2.3:a:qt:qt:5.10.0
-
cpe:2.3:a:qt:qt:5.10.1
-
cpe:2.3:a:qt:qt:5.11.0
-
cpe:2.3:a:qt:qt:5.11.1
-
cpe:2.3:a:qt:qt:5.11.2
-
cpe:2.3:a:qt:qt:5.11.3
-
cpe:2.3:a:qt:qt:5.12.0
-
cpe:2.3:a:qt:qt:5.12.1
-
cpe:2.3:a:qt:qt:5.12.2
-
cpe:2.3:a:qt:qt:5.12.3
-
cpe:2.3:a:qt:qt:5.12.4
-
cpe:2.3:a:qt:qt:5.12.5
-
cpe:2.3:a:qt:qt:5.12.6
-
cpe:2.3:a:qt:qt:5.13.0
-
cpe:2.3:a:qt:qt:5.13.1
-
cpe:2.3:a:qt:qt:5.13.2
-
cpe:2.3:a:qt:qt:5.6.0
-
cpe:2.3:a:qt:qt:5.6.1
-
cpe:2.3:a:qt:qt:5.6.1-1
-
cpe:2.3:a:qt:qt:5.6.2
-
cpe:2.3:a:qt:qt:5.6.3
-
cpe:2.3:a:qt:qt:5.7
-
cpe:2.3:a:qt:qt:5.7.0
-
cpe:2.3:a:qt:qt:5.7.1
-
cpe:2.3:a:qt:qt:5.8.0
-
cpe:2.3:a:qt:qt:5.9.0
-
cpe:2.3:a:qt:qt:5.9.1
-
cpe:2.3:a:qt:qt:5.9.10
-
cpe:2.3:a:qt:qt:5.9.2
-
cpe:2.3:a:qt:qt:5.9.3
-
cpe:2.3:a:qt:qt:5.9.4
-
cpe:2.3:a:qt:qt:5.9.5
-
cpe:2.3:a:qt:qt:5.9.6
-
cpe:2.3:a:qt:qt:5.9.7
-
cpe:2.3:a:qt:qt:5.9.8
-
cpe:2.3:a:qt:qt:5.9.9