CVE-2020-13962

Source
https://cve.org/CVERecord?id=CVE-2020-13962
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13962.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-13962
Downstream
Related
Published
2020-06-09T00:15:10.123Z
Modified
2026-07-08T05:56:32.570200069Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected, regardless of the Qt version.)

Database specific
{
    "unresolved_ranges": [
        {
            "vendor_product": "fedoraproject:fedora",
            "cpes": [
                "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "31"
                },
                {
                    "last_affected": "31"
                },
                {
                    "introduced": "32"
                },
                {
                    "last_affected": "32"
                },
                {
                    "introduced": "33"
                },
                {
                    "last_affected": "33"
                }
            ],
            "source": "CPE_STRING"
        },
        {
            "cpes": [
                "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*"
            ],
            "vendor_product": "opensuse:leap",
            "extracted_events": [
                {
                    "introduced": "15.2"
                },
                {
                    "last_affected": "15.2"
                }
            ],
            "source": "CPE_STRING"
        }
    ]
}
References

Affected packages

Git / github.com/mumble-voip/mumble

Affected ranges

Type
GIT
Repo
https://github.com/mumble-voip/mumble
Events
Database specific
{
    "cpe": "cpe:2.3:a:mumble:mumble:1.3.0:-:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "1.3.0-NA"
        },
        {
            "last_affected": "1.3.0-NA"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

1.*
1.3.0
1.3.0-NA

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13962.json"

Git / github.com/qt/qt5

Affected ranges

Type
GIT
Repo
https://github.com/qt/qt5
Events
Database specific
{
    "cpe": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "5.12.2"
        },
        {
            "fixed": "5.12.9"
        },
        {
            "introduced": "5.13.0"
        },
        {
            "last_affected": "5.13.2"
        },
        {
            "introduced": "5.14.0"
        },
        {
            "last_affected": "5.14.2"
        }
    ]
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13962.json"

Git / github.com/qt/qtbase

Affected ranges

Type
GIT
Repo
https://github.com/qt/qtbase
Events
Database specific
{
    "cpe": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "5.12.2"
        },
        {
            "fixed": "5.12.9"
        },
        {
            "introduced": "5.13.0"
        },
        {
            "last_affected": "5.13.2"
        },
        {
            "introduced": "5.14.0"
        },
        {
            "last_affected": "5.14.2"
        }
    ],
    "source": "CPE_RANGE"
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13962.json"