SecuritySpace - CVE-2023-32762

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-32762

Description: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-32762
https://codereview.qt-project.org/c/qt/qtbase/+/476140
https://github.com/qt/qtbase/commit/1b736a815be0222f4b24289cf17575fc15707305
https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html

CVE ID:	CVE-2023-32762
Description:	An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-32762 https://codereview.qt-project.org/c/qt/qtbase/+/476140 https://github.com/qt/qtbase/commit/1b736a815be0222f4b24289cf17575fc15707305 https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html