Vulnerability Details CVE-2020-24742
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 74.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2020-24742
-
cpe:2.3:a:qt:qt:5.10.0
-
cpe:2.3:a:qt:qt:5.10.1
-
cpe:2.3:a:qt:qt:5.11.0
-
cpe:2.3:a:qt:qt:5.11.1
-
cpe:2.3:a:qt:qt:5.11.2
-
cpe:2.3:a:qt:qt:5.11.3
-
cpe:2.3:a:qt:qt:5.12.0
-
cpe:2.3:a:qt:qt:5.12.1
-
cpe:2.3:a:qt:qt:5.12.2
-
cpe:2.3:a:qt:qt:5.12.3
-
cpe:2.3:a:qt:qt:5.12.4
-
cpe:2.3:a:qt:qt:5.12.5
-
cpe:2.3:a:qt:qt:5.12.6
-
cpe:2.3:a:qt:qt:5.13.0
-
cpe:2.3:a:qt:qt:5.13.1
-
cpe:2.3:a:qt:qt:5.13.2
-
cpe:2.3:a:qt:qt:5.6.0
-
cpe:2.3:a:qt:qt:5.6.1
-
cpe:2.3:a:qt:qt:5.6.1-1
-
cpe:2.3:a:qt:qt:5.6.2
-
cpe:2.3:a:qt:qt:5.6.3
-
cpe:2.3:a:qt:qt:5.7
-
cpe:2.3:a:qt:qt:5.7.0
-
cpe:2.3:a:qt:qt:5.7.1
-
cpe:2.3:a:qt:qt:5.8.0
-
cpe:2.3:a:qt:qt:5.9.0
-
cpe:2.3:a:qt:qt:5.9.1
-
cpe:2.3:a:qt:qt:5.9.10
-
cpe:2.3:a:qt:qt:5.9.2
-
cpe:2.3:a:qt:qt:5.9.3
-
cpe:2.3:a:qt:qt:5.9.4
-
cpe:2.3:a:qt:qt:5.9.5
-
cpe:2.3:a:qt:qt:5.9.6
-
cpe:2.3:a:qt:qt:5.9.7
-
cpe:2.3:a:qt:qt:5.9.8
-
cpe:2.3:a:qt:qt:5.9.9