CVE-2025-30348

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-30348

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-30348.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-30348

Related

UBUNTU-CVE-2025-30348

Published

2025-03-21T07:15:37Z

Modified

2025-03-25T01:58:00.950539Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).

References

Affected packages

Debian:12 / qt6-base

Package

Name: qt6-base
Purl: pkg:deb/debian/qt6-base?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.4.2+dfsg-10

6.4.2+dfsg-11~bpo11+1

6.4.2+dfsg-11

6.4.2+dfsg-12

6.4.2+dfsg-13

6.4.2+dfsg-14

6.4.2+dfsg-15

6.4.2+dfsg-16

6.4.2+dfsg-17

6.4.2+dfsg-18

6.4.2+dfsg-18+loong64

6.4.2+dfsg-19

6.4.2+dfsg-20

6.4.2+dfsg-21

6.4.2+dfsg-21.1

6.6.0+dfsg-1

6.6.0+dfsg-2

6.6.0+dfsg-3

6.6.0+dfsg-4

6.6.0+dfsg-5

6.6.0+dfsg-6

6.6.1+dfsg-1

6.6.1+dfsg-2

6.6.1+dfsg-3

6.6.1+dfsg-4

6.6.1+dfsg-5

6.6.1+dfsg-6

6.6.2+dfsg-1

6.6.2+dfsg-2

6.6.2+dfsg-3

6.6.2+dfsg-4

6.6.2+dfsg-5

6.6.2+dfsg-6

6.6.2+dfsg-7

6.6.2+dfsg-8

6.6.2+dfsg-9

6.6.2+dfsg-10

6.6.2+dfsg-11

6.6.2+dfsg-12

6.7.2+dfsg-1

6.7.2+dfsg-2

6.7.2+dfsg-3

6.7.2+dfsg-4

6.7.2+dfsg-4+m68k

6.7.2+dfsg-5

6.7.2+dfsg-6

6.8.2+dfsg-1

6.8.2+dfsg-2

6.8.2+dfsg-3

6.8.2+dfsg-4

6.8.2+dfsg-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / qt6-base

Package

Name: qt6-base
Purl: pkg:deb/debian/qt6-base?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.8.2+dfsg-5

Affected versions

6.*

6.4.2+dfsg-10

6.4.2+dfsg-11~bpo11+1

6.4.2+dfsg-11

6.4.2+dfsg-12

6.4.2+dfsg-13

6.4.2+dfsg-14

6.4.2+dfsg-15

6.4.2+dfsg-16

6.4.2+dfsg-17

6.4.2+dfsg-18

6.4.2+dfsg-18+loong64

6.4.2+dfsg-19

6.4.2+dfsg-20

6.4.2+dfsg-21

6.4.2+dfsg-21.1

6.6.0+dfsg-1

6.6.0+dfsg-2

6.6.0+dfsg-3

6.6.0+dfsg-4

6.6.0+dfsg-5

6.6.0+dfsg-6

6.6.1+dfsg-1

6.6.1+dfsg-2

6.6.1+dfsg-3

6.6.1+dfsg-4

6.6.1+dfsg-5

6.6.1+dfsg-6

6.6.2+dfsg-1

6.6.2+dfsg-2

6.6.2+dfsg-3

6.6.2+dfsg-4

6.6.2+dfsg-5

6.6.2+dfsg-6

6.6.2+dfsg-7

6.6.2+dfsg-8

6.6.2+dfsg-9

6.6.2+dfsg-10

6.6.2+dfsg-11

6.6.2+dfsg-12

6.7.2+dfsg-1

6.7.2+dfsg-2

6.7.2+dfsg-3

6.7.2+dfsg-4

6.7.2+dfsg-4+m68k

6.7.2+dfsg-5

6.7.2+dfsg-6

6.8.2+dfsg-1

6.8.2+dfsg-2

6.8.2+dfsg-3

6.8.2+dfsg-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/qt/qtbase

Affected ranges

Type: GIT
Repo: https://github.com/qt/qtbase
Events: Introduced

33f5e985e480283bb0ca9dea5f82643e825ba87c

Fixed

b839e9b36db3a4e50dfb34521d8ef8de1fd01969