CVE-2025-30348

Summary

encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).

Affected Software

VendorProductVersion RangeStatus
QtQt0 < 5.15.19affected
QtQt6.0.0 < 6.5.9affected
QtQt6.6.0 < 6.8.0affected

Weaknesses

  • CWE-407: CWE-407 Inefficient Algorithmic Complexity

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References