CVE-2025-3512
4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/U:Clear
Summary
There is a Heap-based Buffer Overflow vulnerability in QTextMarkdownImporter. This requires an incorrectly formatted markdown file to be passed to QTextMarkdownImporter to trigger the overflow.This issue affects Qt from 6.8.0 to 6.8.4. Versions up to 6.6.0 are known to be unaffected, and the fix is in 6.8.4 and later.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| The Qt Company | Qt | 0 < 6.6.0 | unaffected |
| The Qt Company | Qt | 6.6.0 < 6.8.0 | unknown |
| The Qt Company | Qt | 6.8.0 < 6.8.4 | affected |
| The Qt Company | Qt | 6.8.4 | unaffected |
Weaknesses
- CWE-122: CWE-122 Heap-based Buffer Overflow
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- http://www.openwall.com/lists/oss-security/2025/04/24/4
- http://www.openwall.com/lists/oss-security/2025/04/24/5
- http://www.openwall.com/lists/oss-security/2025/04/24/6
- http://www.openwall.com/lists/oss-security/2025/04/25/1
- http://www.openwall.com/lists/oss-security/2025/04/25/2
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.