Azure Linux 3.0 Security Update: qtbase (CVE-2024-30161)

The version of qtbase installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-30161 advisory. - In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for...

EUVD-2025-16625

Malicious code in bioql PyPI...

Updated qtbase6 & qtbase5 packages fix security vulnerability

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

OESA-2025-1725 qt6-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that...

AZL-64361 CVE-2025-5455 affecting package qt5-qtbase for versions less than 5.12.11-18

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). (Earlier and later versions are unaffected.)

...

Security advisory: Potential Use-After-Free issue in Qt for WebAssembly’s implementation of QNetworkReply

A recently reported potential Use-After-Free issue in Qt’s wasm implementation of QNetworkReply has been assigned the CVE id CVE-2024-30161. The issue was discovered in Qt versions 6.5.4, 6.5.5, and 6.6.2. QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly if...

SUSE-SU-2024:1174-1 Security update for qt6-base

This update for qt6-base fixes the following issues: - CVE-2024-30161: Fixed QNetworkReply header data access via a dangling pointer bsc1221926...

SUSE CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

CVE-2024-30161

CVE-2024-30161 – Qt6 base (qt6-base) / QNetworkReply header data in Qt 6.5.4, 6.5.5, and 6.6.2 can be exposed via a dangling pointer when running Qt for WebAssembly (wasm). The root cause is a dangling pointer access to header data, affecting WebAssembly builds; earlier/later Qt versions are not ...

CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

Desktop Client: Improper validation of certificates when using self-signed certificates

The ownCloud Desktop Client was vulnerable against MITM attacks until version 1.8.2 in combination with self-signed certificates. To be exploitable the following conditions have to be met: The connection to the remote ownCloud server must be secured using a self-signed certificate which the user...

Improper validation of certificates when using self-signed certificates - ownCloud

The ownCloud Desktop Client was vulnerable against MITM attacks until version 1.8.2 in combination with self-signed certificates. To be exploitable the following conditions have to be met: The connection to the remote ownCloud server must be secured using a self-signed certificate which the user...