ALT-PU-2025-2965-2
Closed vulnerabilities
Published: 2025-04-17
Modified: 2026-03-04
Modified: 2026-03-04
BDU:2025-04695
Уязвимость функции encrypted() кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (8.6)Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
References:
Published: 2025-12-19
BDU:2025-16090
Уязвимость пакета qt/qtbase библиотеки Qt, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.3)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2024-07-04
Modified: 2025-11-29
Modified: 2025-11-29
CVE-2024-39936
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..
Severity: MEDIUM (5.9)Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2025-03-21
Modified: 2025-03-24
Modified: 2025-03-24
CVE-2025-30348
encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
Severity: MEDIUM (5.3)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References: