27 matches found
Astra Linux - уязвимость в qtbase-opensource-src
A issue was discovered in the private API function qDecodeDataUrl within QtCore, which is used in QTextDocument and QNetworkReply, and potentially in user code as well. If this function is called with malformed data—for example, a URL that contains a “charset” parameter without a value e.g.,...
KCoreAddons 安全漏洞
KCoreAddons is an open-source toolset based on QtCore, published on the KDE GitHub mirror. Versions of KCoreAddons prior to 6.25 contained security vulnerabilities. These vulnerabilities stemmed from the KShell::quoteArgs method not properly handling metacharacters, which could allow exploitation...
Fedora: Security Advisory (FEDORA-2025-9a46af550f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2025-2545 qt5-qtbase security update
Qt is a software toolkit for developing applications. Security Fixes: An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that...
Fedora 41 : qt5-qtbase (2025-26e2e0c477)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-26e2e0c477 advisory. Fix CVE-2025-5455 - QtCore Assertion Failure Denial of Service Tenable has extracted the preceding description block directly from the Fedora securi...
RLSA-2025:9462 Moderate: qt5-qtbase security update
Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt5: qt6: QtCore Assertion Failure Denial of Service CVE-2025-5455 For more details about the security issues, including the impact, a CVSS...
RockyLinux 10 : qt6-qtbase (RLSA-2025:9486)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9486 advisory. qt5: qt6: QtCore Assertion Failure Denial of Service CVE-2025-5455 Tenable has extracted the preceding description block directly from the RockyLinux security...
RockyLinux 9 : qt5-qtbase (RLSA-2025:9462)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9462 advisory. qt5: qt6: QtCore Assertion Failure Denial of Service CVE-2025-5455 Tenable has extracted the preceding description block directly from the RockyLinux security...
EUVD-2025-16625
Malicious code in bioql PyPI...
qt6-qtbase security update
An update is available for qt6-qtbase. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Qt is a software toolkit for developing applications. This package contai...
CBL Mariner 2.0 Security Update: qt5-qtbase / qtbase (CVE-2025-5455)
The version of qt5-qtbase / qtbase installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5455 advisory. - An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in...
Updated qtbase6 & qtbase5 packages fix security vulnerability
An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...
OESA-2025-1757 qt6-qtbase security update
Qt is a software toolkit for developing applications. Security Fixes: An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that...
OESA-2025-1725 qt6-qtbase security update
Qt is a software toolkit for developing applications. Security Fixes: An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that...
RHEL 10 : qt6-qtbase (RHSA-2025:9486)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9486 advisory. Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. Security Fixes: qt5:...
qt6-qtbase: qt5-qtbase: QtCore Assertion Failure Denial of Service
A flaw was found in QtCore's qDecodeDataUrl function. This vulnerability allows an application level denial of service via a malformed data URL with a missing charset value when assertions are enabled...
ALSA-2025:9462 Moderate: qt5-qtbase security update
Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt5: qt6: QtCore Assertion Failure Denial of Service CVE-2025-5455 For more details about the security issues, including the impact, a CVSS...
SUSE CVE-2025-5455
An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...
CVE-2025-5455
An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...
AZL-64361 CVE-2025-5455 affecting package qt5-qtbase for versions less than 5.12.11-18
An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...