{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-5683", "assignerOrgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "state": "PUBLISHED", "assignerShortName": "TQtC", "dateReserved": "2025-06-04T13:23:27.988Z", "datePublished": "2025-06-05T05:31:13.926Z", "dateUpdated": "2025-06-05T17:54:16.536Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Qt", "vendor": "The Qt Company", "versions": [{"lessThan": "6.3.0", "status": "unaffected", "version": "0", "versionType": "python"}, {"lessThanOrEqual": "6.5.9", "status": "affected", "version": "6.3.0", "versionType": "python"}, {"status": "unaffected", "version": "6.5.10", "versionType": "python"}, {"lessThanOrEqual": "6.8.4", "status": "affected", "version": "6.6.0", "versionType": "python"}, {"status": "unaffected", "version": "6.8.5"}, {"status": "affected", "version": "6.9.0"}, {"status": "unaffected", "version": "6.9.1"}]}], "credits": [{"lang": "en", "type": "finder", "value": "OSS Fuzz"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash.&nbsp;<p>This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.</p>"}], "value": "When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash.\u00a0This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "shortName": "TQtC", "dateUpdated": "2025-06-05T05:31:13.926Z"}, "references": [{"url": "https://issues.oss-fuzz.com/issues/415350704"}, {"url": "https://codereview.qt-project.org/c/qt/qtimageformats/+/644548"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-770", "lang": "en", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-05T15:27:10.882912Z", "id": "CVE-2025-5683", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-05T17:54:16.536Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5683", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-05T15:27:10.882912Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-05T17:54:03.325Z"}}], "cna": {"source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "OSS Fuzz"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "The Qt Company", "product": "Qt", "versions": [{"status": "unaffected", "version": "0", "lessThan": "6.3.0", "versionType": "python"}, {"status": "affected", "version": "6.3.0", "versionType": "python", "lessThanOrEqual": "6.5.9"}, {"status": "unaffected", "version": "6.5.10", "versionType": "python"}, {"status": "affected", "version": "6.6.0", "versionType": "python", "lessThanOrEqual": "6.8.4"}, {"status": "unaffected", "version": "6.8.5"}, {"status": "affected", "version": "6.9.0"}, {"status": "unaffected", "version": "6.9.1"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://issues.oss-fuzz.com/issues/415350704"}, {"url": "https://codereview.qt-project.org/c/qt/qtimageformats/+/644548"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash.\u00a0This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.", "supportingMedia": [{"type": "text/html", "value": "When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash.&nbsp;<p>This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.</p>", "base64": false}]}], "providerMetadata": {"orgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "shortName": "TQtC", "dateUpdated": "2025-06-05T05:31:13.926Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5683", "state": "PUBLISHED", "dateUpdated": "2025-06-05T17:54:16.536Z", "dateReserved": "2025-06-04T13:23:27.988Z", "assignerOrgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "datePublished": "2025-06-05T05:31:13.926Z", "assignerShortName": "TQtC"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "53FC5E20-94BF-4844-A132-44C7F35EB682", "versionEndExcluding": "6.5.10", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E43CF7A-0FD9-4F9A-BFC6-BF3817ACD288", "versionEndExcluding": "6.8.5", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "9926ACEA-9D90-4F30-8B40-6E6A3788CC56", "versionEndExcluding": "6.9.1", "versionStartIncluding": "6.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash.\u00a0This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1."}, {"lang": "es", "value": "Al cargar un archivo de imagen con formato ICNS especialmente manipulado en QImage, se produce un bloqueo. Este problema afecta a Qt desde la versi\u00f3n 6.3.0 hasta la 6.5.9, desde la 6.6.0 hasta la 6.8.4 y la 6.9.0. Se ha corregido en las versiones 6.5.10, 6.8.5 y 6.9.1."}], "id": "CVE-2025-5683", "lastModified": "2025-10-15T17:06:22.950", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "type": "Secondary"}]}, "published": "2025-06-05T06:15:27.517", "references": [{"source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "tags": ["Patch"], "url": "https://codereview.qt-project.org/c/qt/qtimageformats/+/644548"}, {"source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "tags": ["Issue Tracking", "Patch"], "url": "https://issues.oss-fuzz.com/issues/415350704"}], "sourceIdentifier": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "qt: Qt ICNS Image Crash Vulnerability", "id": "2370384", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370384"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-770", "details": ["When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash.\u00a0This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.", "A flaw was found in qt. Loading a specially crafted ICNS image file within QImage results in a crash. This flaw allows a local attacker to provide a malicious image. The vulnerability is exploited via the image loading process, leading to application termination."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-5683", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "qt6", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "qt", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "qt3", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "qt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "qt3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "qt5", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "qt5", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-06-05T05:31:13Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-5683\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-5683\nhttps://codereview.qt-project.org/c/qt/qtimageformats/+/644548\nhttps://issues.oss-fuzz.com/issues/415350704"], "statement": "The vulnerability involves a crash triggered by a specifically crafted ICNS image file within QImage. While the attack vector is remote (AV:N) and requires no authentication (PR:N), user interaction (UI:R) is necessary to load the malicious image. This limits the ease of exploitation compared to vulnerabilities that allow for fully automated remote code execution. A crash, while disruptive, doesn\u2019t inherently lead to arbitrary code execution or data compromise. However, a denial of service is possible, and a determined attacker could potentially exploit the crash to gain further information or potentially escalate to a more severe outcome. Given the ubiquity of Qt in various applications, a crash vulnerability warrants a Moderate rating. The lack of authentication and remote attack vector are mitigating factors, but the potential for denial of service and the wide usage of Qt contribute to the overall risk.\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-770: Allocation of Resources Without Limits or Throttling vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nThe platform enforces hardening guidelines to apply the most restrictive settings required for operations, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect excessive resource usage caused by malicious activity or system misconfigurations. In the event of exploitation, process isolation ensures workloads operate in separate environments, preventing any single process from overconsuming CPU or memory and degrading system performance.", "threat_severity": "Moderate"}

{}