Home

Description

When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.

PUBLISHED Reserved 2025-06-04 | Published 2025-06-05 | Updated 2025-06-05 | Assigner TQtC




MEDIUM: 5.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L

Product status

Default status
unaffected

Any version before 6.3.0
unaffected

6.3.0 (python)
affected

6.5.10 (python)
unaffected

6.6.0 (python)
affected

6.8.5
unaffected

6.9.0
affected

6.9.1
unaffected

Credits

OSS Fuzz finder

References

issues.oss-fuzz.com/issues/415350704

codereview.qt-project.org/c/qt/qtimageformats/+/644548

cve.org (CVE-2025-5683)

nvd.nist.gov (CVE-2025-5683)

Download JSON