VDB
GCVE-110-MAGEIA-2025-212
GCVE-110-MAGEIA-2025-212
Advisory Published
An issue was found in the private API function qDecodeDataUrl() in
QtCore, which is used in QTextDocument and QNetworkReply, and,
potentially, in user code. If the function was called with malformed
data, for example, an URL that contained a "charset" parameter that
lacked a value (such as "data:charset,"), and Qt was built with
assertions enabled, then it would hit an assertion, resulting in a
denial of service (abort). This impacts Qt up to 5.15.18, 6.0.0->6.5.8,
6.6.0->6.8.3 and 6.9.0.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | qtbase5 | 5.15.7-6.2.mga9 (unaffected), 0 (affected) | — |
| Mageia | qtbase6 | 0 (affected), 6.4.1-5.2.mga9 (unaffected) | — |
Aliases
Browse GCVE Records
72,921 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.