CVE-2022-25634
HIGHQt < 5.15.8 - Path Traversal via System Library File Loading
Title source: llmDescription
Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.
References (5)
Core 5
Core References
Patch, Vendor Advisory x_refsource_confirm
https://codereview.qt-project.org/c/qt/qtbase/+/396440
Patch, Vendor Advisory x_refsource_confirm
https://codereview.qt-project.org/c/qt/qtbase/+/396689
Patch, Vendor Advisory x_refsource_confirm
https://download.qt.io/official_releases/qt/6.2/CVE-2022-25643-6.2.diff
Broken Link x_refsource_confirm
https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/396690
Patch, Vendor Advisory x_refsource_confirm
https://download.qt.io/official_releases/qt/5.15/CVE-2022-25643-5.15.diff
Scores
CVSS v3
7.5
EPSS
0.0188
EPSS Percentile
76.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
qt/qt
< 5.15.8
Published
Mar 02, 2022
Tracked Since
Feb 18, 2026