CVE-2025-5455

An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value (such as "data:charset,"), and Qt was built with assertions enabled, then it would hit an assertion, resulting in a denial of service (abort). This impacts Qt up to 5.15.18, 6.0.0->6.5.8, 6.6.0->6.8.3 and 6.9.0. This has been fixed in 5.15.19, 6.5.9, 6.8.4 and 6.9.1.

CVSS

No CVSS.

References

Link	Resource
https://codereview.qt-project.org/c/qt/qtbase/+/642006

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Se encontró un problema en la función privada de la API qDecodeDataUrl() de QtCore, utilizada en QTextDocument y QNetworkReply, y, potencialmente, en el código de usuario. Si la función se llamaba con datos mal formados, por ejemplo, una URL que contenía un parámetro "charset" sin valor (como "data:charset,"), y Qt se compilaba con aserciones habilitadas, se encontraba con una aserción, lo que resultaba en una denegación de servicio (abortar). Esto afecta a Qt hasta las versiones 5.15.18, 6.0.0->6.5.8, 6.6.0->6.8.3 y 6.9.0. Se ha corregido en las versiones 5.15.19, 6.5.9, 6.8.4 y 6.9.1.

02 Jun 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-02 09:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-5455

Mitre link : CVE-2025-5455

CVE.ORG link : CVE-2025-5455

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2025-5455", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 8.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:M/U:Clear", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "CLEAR", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-02T09:15:21.493", "references": [{"url": "https://codereview.qt-project.org/c/qt/qtbase/+/642006", "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code.\n\nIf the function was called with malformed data, for example, an URL that\ncontained a \"charset\" parameter that lacked a value (such as\n\"data:charset,\"), and Qt was built with assertions enabled, then it would hit an assertion, resulting in a denial of service\n(abort).\n\nThis impacts Qt up to 5.15.18, 6.0.0->6.5.8, 6.6.0->6.8.3 and 6.9.0. This has been fixed in 5.15.19, 6.5.9, 6.8.4 and 6.9.1."}, {"lang": "es", "value": "Se encontr\u00f3 un problema en la funci\u00f3n privada de la API qDecodeDataUrl() de QtCore, utilizada en QTextDocument y QNetworkReply, y, potencialmente, en el c\u00f3digo de usuario. Si la funci\u00f3n se llamaba con datos mal formados, por ejemplo, una URL que conten\u00eda un par\u00e1metro \"charset\" sin valor (como \"data:charset,\"), y Qt se compilaba con aserciones habilitadas, se encontraba con una aserci\u00f3n, lo que resultaba en una denegaci\u00f3n de servicio (abortar). Esto afecta a Qt hasta las versiones 5.15.18, 6.0.0->6.5.8, 6.6.0->6.8.3 y 6.9.0. Se ha corregido en las versiones 5.15.19, 6.5.9, 6.8.4 y 6.9.1."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "a59d8014-47c4-4630-ab43-e1b13cbe58e3"}