Integer Overflow Vulnerability in QML QtScript Reflect API of Qt Project Qt 6.3.2

Integer Overflow Vulnerability in QML QtScript Reflect API of Qt Project Qt 6.3.2

CVE-2022-40983 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this vulnerability.

Learn more about our Web App Pen Testing.