Approved changes feed: RSS · Atom

cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorQt (ac351d54-6a3a-5b90-a60b-6ef58ef23803)
ProductQt (fb46f139-0d7d-5cf6-a2f2-b5bc72f4c130)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/qtbase5-dev purl2cpe 2026-06-01 10:16:55.733720
pkg:deb/ubuntu/qtbase5-dev purl2cpe 2026-06-01 10:16:55.733722
pkg:github/qt/qt purl2cpe 2026-06-01 10:16:55.733723
pkg:github/qt/qt5 purl2cpe 2026-06-01 10:16:55.733725
pkg:qt/qt purl2cpe 2026-06-01 10:16:55.733726
pkg:rpm/fedora/qt5-qtbase purl2cpe 2026-06-01 10:16:55.733728
pkg:rpm/opensuse/qt5-qtbase purl2cpe 2026-06-01 10:16:55.733729

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-5683 vulnerable 2026-06-08 07:37:25.451284 Details available
When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.
Published: 2025-06-05T05:31:13.926Z
Updated: 2025-06-05T17:54:16.536Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-30348 vulnerable 2026-06-08 07:16:59.782798 Details available
MEDIUM (5.8)
encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
Published: 2025-03-21T00:00:00.000Z
Updated: 2025-03-21T15:51:56.127Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-23050 vulnerable 2026-06-08 07:10:55.136821 Details available
LOW (3.1)
QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read (or division by zero). This is fixed in 5.15.19, 6.5.9, and 6.8.2.
Published: 2025-10-31T00:00:00.000Z
Updated: 2025-10-31T16:47:22.226Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-39936 vulnerable 2026-06-08 06:41:51.915865 Details available
HIGH (8.6)
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..
Published: 2024-07-04T00:00:00.000Z
Updated: 2025-11-29T13:09:32.668Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-36048 vulnerable 2026-06-08 06:39:43.556437 Details available
QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.
Published: 2024-05-18T00:00:00.000Z
Updated: 2025-11-04T22:06:19.365Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-25580 vulnerable 2026-06-08 06:31:23.303417 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-51714 vulnerable 2026-06-08 06:17:53.799648 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-43114 vulnerable 2026-06-08 06:11:10.930743 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-38197 vulnerable 2026-06-08 06:08:17.202367 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-37369 vulnerable 2026-06-08 06:08:15.199706 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-34410 vulnerable 2026-06-08 06:06:25.441845 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-33285 vulnerable 2026-06-08 06:06:22.178258 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-32763 vulnerable 2026-06-08 06:04:47.195280 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-32762 vulnerable 2026-06-08 06:04:47.194778 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-32573 vulnerable 2026-06-08 06:04:46.528552 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-24607 vulnerable 2026-06-08 05:56:06.150933 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-25634 vulnerable 2026-06-08 05:41:46.188264 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-25255 vulnerable 2026-06-08 05:41:45.615409 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38593 vulnerable 2026-06-08 05:33:47.929145 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-24742 vulnerable 2026-06-08 05:22:35.458109 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-17507 vulnerable 2026-06-08 05:20:56.620380 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-13962 vulnerable 2026-06-08 05:18:01.642940 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-0570 vulnerable 2026-06-08 05:16:31.630835 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-0569 vulnerable 2026-06-08 05:16:31.629463 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-21035 vulnerable 2026-06-08 05:11:28.360842 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-19873 vulnerable 2026-06-08 05:11:16.278415 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-19871 vulnerable 2026-06-08 05:11:16.274712 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-19870 vulnerable 2026-06-08 05:11:16.274072 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-19869 vulnerable 2026-06-08 05:11:16.273563 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-19865 vulnerable 2026-06-08 05:11:16.272014 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-15518 vulnerable 2026-06-08 05:10:54.971148 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-9541 vulnerable 2026-06-08 05:07:13.857596 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-1290 vulnerable 2026-06-08 05:06:25.295886 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0190 vulnerable 2026-06-08 05:05:12.122444 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3193 vulnerable 2026-06-08 04:58:11.002247 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.