RHSA-2020:4690MediumCVSS 7.5

Red Hat Security Advisory: qt5-qtbase and qt5-qtwebsockets security and bug fix update

Published
November 4, 2020
Last Modified
June 26, 2026

🔗 CVE IDs covered (5)

📋 Description

CVE-2015-9541 — qt: XML entity expansion vulnerability CVE-2018-21035 — qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages therefore attacker can cause DOS CVE-2020-0569 — qt: files placed by attacker can influence the working directory and lead to malicious code execution CVE-2020-0570 — qt: files placed by attacker can influence the working directory and lead to malicious code execution CVE-2020-13962 — qt5: incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications

🔗 References (10)