Home

Description

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

PUBLISHED Reserved 2025-10-28 | Published 2025-12-03 | Updated 2025-12-03 | Assigner TQtC




HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-770 Allocation of Resources Without Limits or Throttling

CWE-1284 Improper Validation of Specified Quantity in Input

Product status

Default status
unaffected

5.0.0 (python)
affected

6.6.0 (python)
affected

6.9.0 (python)
affected

References

codereview.qt-project.org/c/qt/qtdeclarative/+/687239

codereview.qt-project.org/c/qt/qtdeclarative/+/687766

cve.org (CVE-2025-12385)

nvd.nist.gov (CVE-2025-12385)