{"id":"CVE-2020-0570","details":"Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.","modified":"2026-04-16T04:36:38.187612676Z","published":"2020-09-14T19:15:10.583Z","related":["ALSA-2020:4690","openSUSE-SU-2024:10975-1"],"references":[{"type":"ADVISORY","url":"https://lists.qt-project.org/pipermail/development/2020-January/038534.html"},{"type":"FIX","url":"https://bugreports.qt.io/browse/QTBUG-81272"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800604"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/qt/qtbase","events":[{"introduced":"50117d738af526cbfbd5afa50b9a501acb0fb9ce"},{"fixed":"1bf5d3af1a4ec307bb77e1b54bb1f723c3eef481"},{"introduced":"fc9ae22c88dd085c7c31599037132fc756feeb04"},{"fixed":"2a887a517eaaa2c5324aecf3b919899b7a86ff4a"}],"database_specific":{"versions":[{"introduced":"5.10.0"},{"fixed":"5.12.7"},{"introduced":"5.13.0"},{"fixed":"5.14.0"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-0570.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9.10"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"vanir_signatures_modified":"2026-04-11T15:27:38Z","vanir_signatures":[{"source":"https://github.com/qt/qtbase/commit/2a887a517eaaa2c5324aecf3b919899b7a86ff4a","target":{"file":"src/corelib/time/qcalendar.cpp","function":"QCalendarBackend::fromEnum"},"deprecated":false,"signature_type":"Function","signature_version":"v1","id":"CVE-2020-0570-c7889054","digest":{"length":891,"function_hash":"71332152841244748522602606891732985491"}},{"source":"https://github.com/qt/qtbase/commit/2a887a517eaaa2c5324aecf3b919899b7a86ff4a","digest":{"threshold":0.9,"line_hashes":["126256747252800817208418696187723556533","150756843560902081956306707431697914063","336797157278032097828194484489526761035","206439151709090235265677738535943131187","114906715666850331827204257559836080037","134665350989241518761002595505043291334","337821674886944546617969196960834263196","274920186207822786761532454224035700681"]},"deprecated":false,"target":{"file":"src/corelib/time/qcalendar.cpp"},"signature_version":"v1","id":"CVE-2020-0570-e28156da","signature_type":"Line"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}]}