CVE-2024-25580
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-25580
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-25580.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-25580
- Downstream
- Related
- Published
- 2024-03-27T03:15:12.007Z
- Modified
- 2025-12-09T12:04:45.177946Z
- Severity
-
- 6.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYE2NMN67DYHYJKLAKLGR64OYI7A63AH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZWTGLKC3WBDHZ5OJRSEB2QUR7XXZDLZV/
- https://www.qt.io/blog/security-advisory-potential-buffer-overflow-when-reading-ktx-images
Affected packages
Git / github.com/qt/qt5
Affected versions
v5.*
v5.11.2
v5.11.3
v5.12.0
v5.12.1
v5.12.2
v5.12.3
v5.12.4
v5.12.5
v5.13.0
v5.13.0-alpha1
v5.13.0-beta1
v5.13.0-beta2
v5.13.0-beta3
v5.13.0-beta4
v5.13.0-rc1
v5.13.0-rc2
v5.13.0-rc3
v5.13.1
v5.14.0
v5.14.0-alpha1
v5.14.0-beta1
v5.14.0-beta2
v5.14.0-beta3
v5.14.0-rc1
v5.14.0-rc2
v5.14.1
v5.14.2
v5.15.0
v5.15.0-alpha1
v5.15.0-beta1
v5.15.0-beta2
v5.15.0-beta3
v5.15.0-beta4
v5.15.0-rc1
v5.15.0-rc2
v5.15.10-lts-lgpl
v5.15.11-lts-lgpl
v5.15.12-lts-lgpl
v5.15.13-lts-lgpl
v5.15.14-lts-lgpl
v5.15.15-lts-lgpl
v5.15.16-lts-lgpl
v5.15.3-lts-lgpl
v5.15.4-lts-lgpl
v5.15.5-lts-lgpl
v5.15.6-lts-lgpl
v5.15.7-lts-lgpl
v5.15.8-lts-lgpl
v5.15.9-lts-lgpl
Git / github.com/qt/qtbase
Affected versions
v5.*
v5.11.3
v5.12.0
v5.12.1
v5.12.2
v5.12.3
v5.12.4
v5.12.5
v5.13.0
v5.13.0-alpha1
v5.13.0-beta1
v5.13.0-beta2
v5.13.0-beta3
v5.13.0-beta4
v5.13.0-rc1
v5.13.0-rc2
v5.13.0-rc3
v5.13.1
v5.13.2
v5.14.0
v5.14.0-alpha1
v5.14.0-beta1
v5.14.0-beta2
v5.14.0-beta3
v5.14.0-rc1
v5.14.0-rc2
v5.14.1
v5.14.2
v5.15.0
v5.15.0-alpha1
v5.15.0-beta1
v5.15.0-beta2
v5.15.0-beta3
v5.15.0-beta4
v5.15.0-rc1
v5.15.0-rc2
v5.15.10-lts-lgpl
v5.15.11-lts-lgpl
v5.15.12-lts-lgpl
v5.15.13-lts-lgpl
v5.15.14-lts-lgpl
v5.15.15-lts-lgpl
v5.15.16-lts-lgpl
v5.15.3-lts-lgpl
v5.15.4-lts-lgpl
v5.15.5-lts-lgpl
v5.15.6-lts-lgpl
v5.15.7-lts-lgpl
v5.15.8-lts-lgpl
v5.15.9-lts-lgpl