CVE-2022-25255
CVE-2022-25255
In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://codereview.qt-project.org/c/qt/qtbase/+/393113https://codereview.qt-project.org/c/qt/qtbase/+/394914https://codereview.qt-project.org/c/qt/qtbase/+/396020https://download.qt.io/official_releases/qt/5.15/qprocess5-15.diffhttps://download.qt.io/official_releases/qt/6.2/qprocess6-2.diff