PT-2025-48986 · Qt Company+1 · Qt+1
Published
2025-10-31
·
Updated
2026-06-01
·
CVE-2025-12385
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Qt versions 5.0.0 through 6.5.10
Qt versions 6.6.0 through 6.8.5
Qt versions 6.9.0 through 6.10.0
Description
A flaw exists in Qt’s Text component that involves improper validation of the width and height specified in the ![]()
tag. This can lead to excessive resource allocation, potentially causing applications to become unresponsive. The issue impacts users of the Text component across multiple platforms including Windows, MacOS, Linux, iOS, and Android, and affects both 32-bit and 64-bit architectures.
Recommendations
Update to a version beyond 6.5.10
Update to a version beyond 6.8.5
Update to a version beyond 6.10.0
Fix
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Debian
Qt