CVE-2020-24742

Related Vulnerabilities: CVE-2020-24742  

Description

The MITRE CVE dictionary describes this issue as:

An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.

Additional Information

  • Bugzilla 1993136: CVE-2020-24742 qt: QPluginLoader loads plugins relative to CWD which could result in arbitrary code execution
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • FAQ: Frequently asked questions about CVE-2020-24742