FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

QtNetwork -- potential buffer overflow

Affected packages
qt5-network < 5.15.12p148_1
qt6-base < 6.6.1_2


VuXML ID e2f981f1-ad9e-11ee-8b55-4ccc6adda413
Discovery 2023-12-14
Entry 2024-01-07

Andy Shaw reports:

A potential integer overflow has been discovered in Qt's HTTP2 implementation. If the HTTP2 implementation receives more than 4GiB in total headers, or more than 2GiB for any given header pair, then the internal buffers may overflow.


CVE Name CVE-2023-51714