[Git][security-tracker-team/security-tracker][master] Add CVE-2025-12385/QT

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
62dc7f1a by Salvatore Bonaccorso at 2025-12-05T08:28:31+01:00
Add CVE-2025-12385/QT

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -578,7 +578,11 @@ CVE-2025-12819 (Untrusted search path in auth_query connection handler in PgBoun
 CVE-2025-12744 (A flaw was found in the ABRT daemon\u2019s handling of user-supplied m ...)
 	NOT-FOR-US: abrt is Red Hat / Fedora specific
 CVE-2025-12385 (Allocation of Resources Without Limits or Throttling, Improper Validat ...)
-	TODO: check
+	- qt6-declarative <unfixed>
+	- qtdeclarative-opensource-src <unfixed>
+	- qtdeclarative-opensource-src-gles <unfixed>
+	NOTE: https://codereview.qt-project.org/c/qt/qtdeclarative/+/687239
+	NOTE: https://codereview.qt-project.org/c/qt/qtdeclarative/+/687766
 CVE-2025-12358 (The ShopEngine Elementor WooCommerce Builder Addon plugin for WordPres ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-12084 (When building nested elements using xml.dom.minidom methods such as ap ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62dc7f1a2efeec1d4d275b50aea6c260439de66c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62dc7f1a2efeec1d4d275b50aea6c260439de66c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251205/ad551ed9/attachment.htm>