Primary

Context

Qt Denial-of-Service Vulnerability in QColorTransferGenericFunction

Vulnerability

Patched

A denial-of-service vulnerability has been identified in Qt versions 6.6.0 through 6.8.3 and 6.9.0 through 6.9.1. The issue arises when values outside the expected range are passed to the QColorTransferGenericFunction, particularly through a crafted ICC profile using the QColorSpace::fromICCProfile method.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to become unresponsive or unavailable.

Remediation

Users can upgrade to Qt versions 6.8.4 or 6.9.2 to address this vulnerability.

Added: Jul 11, 2025, 7:17 AM

Updated: Jul 11, 2025, 7:17 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.1

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.1

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qt Denial-of-Service Vulnerability in QColorTransferGenericFunction

Vulnerability

Impact

Remediation

Affected Products

Qt

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating