CVE-2025-30348

MEDIUM

Qt < 5.15.19 - Inefficient Algorithmic Complexity in QDom encodeText

Title source: llm

Description

encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).

References (1)

Core 1

Core References

Patch

https://codereview.qt-project.org/c/qt/qtbase/+/581442

Scores

CVSS v3 5.8

EPSS 0.0032

EPSS Percentile 23.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-407

Status published

Products (1)

qt/qt < 5.15.19

Published Mar 21, 2025

Tracked Since Feb 18, 2026