Fluid Attacks Database

Description

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	qtdeclarative-opensource-src	=5.15.10+dfsg-1 \|\| =5.15.10+dfsg-2 \|\| =5.15.10+dfsg-2+m68k \|\| =5.15.10+dfsg-2+m68k.1 \|\| =5.15.11+dfsg-1 \|\| =5.15.12+dfsg-1 \|\| =5.15.13+dfsg-1 \|\| =5.15.13+dfsg-2 \|\| =5.15.13+dfsg-2+hurd.1 \|\| =5.15.13+dfsg-2+loong64 \|\| =5.15.13+dfsg-2+m68k \|\| =5.15.15+dfsg-1 \|\| =5.15.15+dfsg-2 \|\| =5.15.15+dfsg-2+hurd.1 \|\| =5.15.15+dfsg-3 \|\| =5.15.15+dfsg-3+m68k \|\| =5.15.16+dfsg-1 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.17+dfsg-2+hurd.1 \|\| =5.15.17+dfsg-3 \|\| =5.15.17+dfsg-4 \|\| =5.15.18+dfsg-1 \|\| =5.15.18+dfsg-2 \|\| =5.15.8+dfsg-3 \|\| =5.15.9+dfsg-1	-
debian 12	qt6-declarative	=6.10.2+dfsg-1 \|\| =6.10.2+dfsg-2 \|\| =6.10.2+dfsg-3 \|\| =6.10.2+dfsg-4 \|\| =6.4.2+dfsg-1 \|\| =6.4.2+dfsg-2 \|\| =6.4.2+dfsg-3 \|\| =6.4.2+dfsg-4 \|\| =6.6.0+dfsg-1 \|\| =6.6.0+dfsg-2 \|\| =6.6.0+dfsg-3 \|\| =6.6.1+dfsg-1 \|\| =6.6.1+dfsg-2 \|\| =6.6.1+dfsg-3 \|\| =6.6.2+dfsg-1 \|\| =6.6.2+dfsg-2 \|\| =6.6.2+dfsg-3 \|\| =6.6.2+dfsg-4 \|\| =6.6.2+dfsg-4+hurd.1 \|\| =6.7.2+dfsg-1 \|\| =6.7.2+dfsg-10 \|\| =6.7.2+dfsg-10+hurd.1 \|\| =6.7.2+dfsg-11 \|\| =6.7.2+dfsg-2 \|\| =6.7.2+dfsg-3 \|\| =6.7.2+dfsg-4 \|\| =6.7.2+dfsg-5 \|\| =6.7.2+dfsg-6 \|\| =6.7.2+dfsg-7 \|\| =6.7.2+dfsg-8 \|\| =6.7.2+dfsg-9 \|\| =6.8.2+dfsg-1 \|\| =6.8.2+dfsg-2 \|\| =6.8.2+dfsg-3 \|\| =6.8.2+dfsg-4 \|\| =6.8.2+dfsg-5 \|\| =6.8.2+dfsg-6 \|\| =6.8.2+dfsg-6+alpha \|\| =6.8.2+dfsg-6+hurd.1 \|\| =6.8.2+dfsg-7 \|\| =6.8.2+dfsg-7+m68k \|\| =6.9.1+dfsg-1 \|\| =6.9.1+dfsg-2 \|\| =6.9.2+dfsg-1 \|\| =6.9.2+dfsg-2 \|\| =6.9.2+dfsg-3 \|\| =6.9.2+dfsg-4 \|\| =6.9.2+dfsg-5 \|\| =6.9.2+dfsg-6	-
debian 13	qtdeclarative-opensource-src-gles	=5.15.15+dfsg-2 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.18+dfsg-1	-
debian 13	qt6-declarative	=6.10.2+dfsg-1 \|\| =6.10.2+dfsg-2 \|\| =6.10.2+dfsg-3 \|\| =6.10.2+dfsg-4 \|\| =6.8.2+dfsg-7 \|\| =6.8.2+dfsg-7+m68k \|\| =6.9.1+dfsg-1 \|\| =6.9.1+dfsg-2 \|\| =6.9.2+dfsg-1 \|\| =6.9.2+dfsg-2 \|\| =6.9.2+dfsg-3 \|\| =6.9.2+dfsg-4 \|\| =6.9.2+dfsg-5 \|\| =6.9.2+dfsg-6	-
debian 14	qt6-declarative	=6.10.2+dfsg-1 \|\| =6.10.2+dfsg-2 \|\| =6.10.2+dfsg-3 \|\| =6.10.2+dfsg-4 \|\| =6.8.2+dfsg-7 \|\| =6.8.2+dfsg-7+m68k \|\| =6.9.1+dfsg-1 \|\| =6.9.1+dfsg-2 \|\| =6.9.2+dfsg-1 \|\| =6.9.2+dfsg-2 \|\| =6.9.2+dfsg-3 \|\| =6.9.2+dfsg-4 \|\| =6.9.2+dfsg-5 \|\| =6.9.2+dfsg-6	-
debian 11	qtdeclarative-opensource-src	=5.15.10+dfsg-1 \|\| =5.15.10+dfsg-2 \|\| =5.15.10+dfsg-2+m68k \|\| =5.15.10+dfsg-2+m68k.1 \|\| =5.15.11+dfsg-1 \|\| =5.15.12+dfsg-1 \|\| =5.15.13+dfsg-1 \|\| =5.15.13+dfsg-2 \|\| =5.15.13+dfsg-2+hurd.1 \|\| =5.15.13+dfsg-2+loong64 \|\| =5.15.13+dfsg-2+m68k \|\| =5.15.15+dfsg-1 \|\| =5.15.15+dfsg-2 \|\| =5.15.15+dfsg-2+hurd.1 \|\| =5.15.15+dfsg-3 \|\| =5.15.15+dfsg-3+m68k \|\| =5.15.16+dfsg-1 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.17+dfsg-2+hurd.1 \|\| =5.15.17+dfsg-3 \|\| =5.15.17+dfsg-4 \|\| =5.15.18+dfsg-1 \|\| =5.15.18+dfsg-2 \|\| =5.15.2+dfsg-10 \|\| =5.15.2+dfsg-6 \|\| =5.15.2+dfsg-7 \|\| =5.15.2+dfsg-8 \|\| =5.15.2+dfsg-9 \|\| =5.15.3+dfsg-1 \|\| =5.15.4+dfsg-1 \|\| =5.15.4+dfsg-2 \|\| =5.15.4+dfsg-3 \|\| =5.15.4+dfsg-4 \|\| =5.15.4+dfsg-4+m68k \|\| =5.15.5+dfsg-1 \|\| =5.15.6+dfsg-1 \|\| =5.15.6+dfsg-2 \|\| =5.15.6+dfsg-2+m68k \|\| =5.15.7+dfsg-1 \|\| =5.15.7+dfsg-2 \|\| =5.15.8+dfsg-1 \|\| =5.15.8+dfsg-2 \|\| =5.15.8+dfsg-2+m68k \|\| =5.15.8+dfsg-3 \|\| =5.15.9+dfsg-1	-
debian 13	qtdeclarative-opensource-src	=5.15.15+dfsg-3 \|\| =5.15.15+dfsg-3+m68k \|\| =5.15.16+dfsg-1 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.17+dfsg-2+hurd.1 \|\| =5.15.17+dfsg-3 \|\| =5.15.17+dfsg-4 \|\| =5.15.18+dfsg-1 \|\| =5.15.18+dfsg-2	-
debian 14	qtdeclarative-opensource-src	=5.15.15+dfsg-3 \|\| =5.15.15+dfsg-3+m68k \|\| =5.15.16+dfsg-1 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.17+dfsg-2+hurd.1 \|\| =5.15.17+dfsg-3 \|\| >=0 <5.15.17+dfsg-4	5.15.17+dfsg-4
debian 11	qtdeclarative-opensource-src-gles	=5.15.10+dfsg-1 \|\| =5.15.10+dfsg-2 \|\| =5.15.10+dfsg-3 \|\| =5.15.12+dfsg-1 \|\| =5.15.13+dfsg-1 \|\| =5.15.13+dfsg-2 \|\| =5.15.13+dfsg-3 \|\| =5.15.15+dfsg-1 \|\| =5.15.15+dfsg-2 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.18+dfsg-1 \|\| =5.15.2+dfsg-2 \|\| =5.15.2+dfsg-3 \|\| =5.15.3+dfsg-1 \|\| =5.15.4+dfsg-1 \|\| =5.15.4+dfsg-2 \|\| =5.15.5+dfsg-1 \|\| =5.15.6+dfsg-1 \|\| =5.15.6+dfsg-2 \|\| =5.15.7+dfsg-1 \|\| =5.15.7+dfsg-2 \|\| =5.15.8+dfsg-1 \|\| =5.15.9+dfsg-1	-
debian 12	qtdeclarative-opensource-src-gles	=5.15.10+dfsg-1 \|\| =5.15.10+dfsg-2 \|\| =5.15.10+dfsg-3 \|\| =5.15.12+dfsg-1 \|\| =5.15.13+dfsg-1 \|\| =5.15.13+dfsg-2 \|\| =5.15.13+dfsg-3 \|\| =5.15.15+dfsg-1 \|\| =5.15.15+dfsg-2 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.18+dfsg-1 \|\| =5.15.8+dfsg-1 \|\| =5.15.9+dfsg-1	-

1-10 of 11

Aliases

1. CVE-2025-123852. NVD-2025-123853. OSV-DEBIAN-2025-123854. OSV-2025-123855. SECURITY-TRACKER-CVE-2025-12385