Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-12385

Опубликовано: 03 дек. 2025
Источник: debian

Описание

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qt6-declarativeunfixedpackage
qt6-declarativeno-dsatrixiepackage
qt6-declarativeno-dsabookwormpackage
qtdeclarative-opensource-srcfixed5.15.17+dfsg-4package
qtdeclarative-opensource-srcno-dsatrixiepackage
qtdeclarative-opensource-srcno-dsabookwormpackage
qtdeclarative-opensource-srcpostponedbullseyepackage
qtdeclarative-opensource-src-glesfixed5.15.18+dfsg-1experimentalpackage
qtdeclarative-opensource-src-glesunfixedpackage
qtdeclarative-opensource-src-glesno-dsatrixiepackage
qtdeclarative-opensource-src-glesno-dsabookwormpackage
qtdeclarative-opensource-src-glespostponedbullseyepackage

Примечания

  • https://codereview.qt-project.org/c/qt/qtdeclarative/+/687239

  • https://codereview.qt-project.org/c/qt/qtdeclarative/+/687766

Связанные уязвимости

ubuntu логотип

CVE-2025-12385

ubuntu
2 месяца назад

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

nvd логотип

CVE-2025-12385

nvd
2 месяца назад

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

msrc логотип

CVE-2025-12385

msrc
2 месяца назад

Improper validation of <img> tag size in Text component parser

github логотип

GHSA-x9vj-67g7-457m

github
2 месяца назад

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.