CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0CVE-2025-12385 – Improper validation of <img> tag size in Text component parser
https://notcve.org/view.php?id=CVE-2025-12385
03 Dec 2025 — Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0. Allo... • https://codereview.qt-project.org/c/qt/qtdeclarative/+/687239 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5455 – Possible denial of service when passing malformed data in a URL to qDecodeDataUrl
https://notcve.org/view.php?id=CVE-2025-5455
02 Jun 2025 — An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value (such as "data:charset,"), and Qt was built with assertions enabled, then it would hit an assertion, resulting in a denial of service (abort). This impacts Qt up to 5.15.18, 6.0.0->6.5.8, 6.6.0->6.8.3 and 6.9.0. This has been fixe... • https://codereview.qt-project.org/c/qt/qtbase/+/642006 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-4211 – Improper Link Resolution Before File Access in QFileSystemEngine on Windows
https://notcve.org/view.php?id=CVE-2025-4211
16 May 2025 — Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious Files. Issue originates from CVE-2024-38081. The vulnerability arises from the use of the GetTempPath API, which can be exploited by attackers to manipulate temporary file paths, potentially leading to unauthorized access and privilege escalation. The affected public API in the Qt Framework is QDir::tempPath() ... • https://codereview.qt-project.org/c/qt/qtbase/+/632231 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30348 – SUSE Security Advisory - SUSE-SU-2025:03599-1
https://notcve.org/view.php?id=CVE-2025-30348
21 Mar 2025 — encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data). This update for libqt5-qtbase fixes the following issues. Processing of malformed data in 'qDecodeDataUrl' can trigger assertion and cause a crash. Complex algorithm used in 'encodeText' in QDom when processing XML data can cause low performance. Other issues fixed. • https://codereview.qt-project.org/c/qt/qtbase/+/581442 • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 4.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23050 – openSUSE Security Advisory - openSUSE-SU-2025:14716-1
https://notcve.org/view.php?id=CVE-2025-23050
31 Jan 2025 — QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read (or division by zero). This is fixed in 5.15.19, 6.5.9, and 6.8.2. An update that fixes one vulnerability is now available. This update for qt6-connectivity fixes the following issues. Fixed buffer over-read and division by zero. • https://codereview.qt-project.org/q/QLowEnergyController • CWE-125: Out-of-bounds Read •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39936 – qtbase: qtbase: Delay any communication until encrypted() can be responded to
https://notcve.org/view.php?id=CVE-2024-39936
04 Jul 2024 — An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed.. Se descubrió un problema en HTTP2 en Qt antes de 5.15.18, 6.x antes de 6.2.13, 6.3.x hasta 6.5.x antes de 6.5.7 y 6.6.x hasta 6.7.x antes de 6.7.3. El código para tomar decisiones relevantes para la... • https://codereview.qt-project.org/c/qt/qtbase/+/571601 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-51714 – qt: incorrect integer overflow check
https://notcve.org/view.php?id=CVE-2023-51714
24 Dec 2023 — An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. Se descubrió un problema en la implementación de HTTP2 en Qt antes de 5.15.17, 6.x antes de 6.2.11, 6.3.x hasta 6.5.x antes de 6.5.4 y 6.6.x antes de 6.6.2. network/access/http2/hpacktable.cpp tiene una comprobación de desbordamiento de enteros HPack incorrecta. An integer over... • https://codereview.qt-project.org/c/qt/qtbase/+/524864 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-43114
https://notcve.org/view.php?id=CVE-2023-43114
18 Sep 2023 — An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks. Se descubrió un problema en Qt antes de 5.15.16, 6.x antes de 6.2.10 y 6.3.x a 6.5.x antes de 6.5.3 en Windows. Cuando se utiliza el motor de fuentes GDI, si se carga una fuente dañada a través de QFontDatabase... • https://codereview.qt-project.org/c/qt/qtbase/+/503026 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-37369 – qtbase: buffer overflow in QXmlStreamReader
https://notcve.org/view.php?id=CVE-2023-37369
20 Aug 2023 — In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. A flaw was found in the qtbase package. When given specifically crafted data, the QXmlStreamReader can end up causing a buffer overflow and, subsequently, a crash. This update for libqt5-qtbase fixes the following issues. Fixed buffer overflow in QXmlStreamReader. • https://bugreports.qt.io/browse/QTBUG-114829 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38197 – qtbase: infinite loops in QXmlStreamReader
https://notcve.org/view.php?id=CVE-2023-38197
13 Jul 2023 — An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. A vulnerability was found in Qtbase, where it is vulnerable to a denial of service caused by an infinite loop flaw in the QXmlStreamReader() function. This flaw occurs because the QXmlStreamReader function accepts multiple DOCTYPE elements containing DTD fragments in the XML prolog and the XML body. Well-formed but invalid XML files - with multiple DT... • https://codereview.qt-project.org/c/qt/qtbase/+/488960 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •