vulnerability
Red Hat: CVE-2020-24742: qt: QPluginLoader loads plugins relative to CWD which could result in arbitrary code execution
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Aug 9, 2021 | Jul 9, 2025 | Jul 9, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Aug 9, 2021
Added
Jul 9, 2025
Modified
Jul 9, 2025
Description
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
Solution
no-fix-redhat-rpm-package
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.