WebSocket Denial of Service Vulnerability in Qt

WebSocket Denial of Service Vulnerability in Qt

CVE-2018-21035 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).

Learn more about our Web App Pen Testing.