Site icon API Security Blog

RHEL 7 : qt5-qtwebsockets (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages therefore attacker can cause DOS (CVE-2018-21035) Note that Nessus has not tested for this issue but has instead relied on the package manager's report that the package is…Read More

Exit mobile version