← volver
CVE-2025-3512

Buffer overflow in QTextMarkdownImporter

CVSS 4.8 MEDIUMEPSS 0.2%CWE-122
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 abr 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
There is a Heap-based Buffer Overflow vulnerability in QTextMarkdownImporter. This requires an incorrectly formatted markdown file to be passed to QTextMarkdownImporter to trigger the overflow.This issue affects Qt from 6.8.0 to 6.8.4. Versions up to 6.6.0 are known to be unaffected, and the fix is in 6.8.4 and later.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/U:Clear
Productos afectados
The Qt Company · Qt

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://codereview.qt-project.org/c/qt/qtbase/+/635546http://www.openwall.com/lists/oss-security/2025/04/24/4http://www.openwall.com/lists/oss-security/2025/04/24/5http://www.openwall.com/lists/oss-security/2025/04/24/6http://www.openwall.com/lists/oss-security/2025/04/25/1http://www.openwall.com/lists/oss-security/2025/04/25/2