Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Qt 安全漏洞
Vulnerability Description
Qt是挪威Qt公司的一个跨平台的C++应用程序开发框架。广泛用于开发GUI程序,这种情况下又被称为部件工具箱。也可用于开发非GUI程序,例如控制台工具和服务器。 Qt 5.15.14之前版本,6.2.9之前的6.x版本、6.3.x至6.5.1之前的6.5.x版本存在安全漏洞,该漏洞源于错误地解析了严格传输安全 (HSTS) 标头,攻击者利用该漏洞可以建立未加密的连接。
CVSS Information
N/A
Vulnerability Type
N/A