An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-28T00:00:00
Updated: 2024-05-01T00:06:23.176268
Reserved: 2023-05-15T00:00:00
Link: CVE-2023-32762
NVD Information
Status: Modified
Published: 2023-05-28T23:15:09.570
Modified: 2024-05-01T01:15:05.847
Link: CVE-2023-32762