{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-10728", "assignerOrgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "state": "PUBLISHED", "assignerShortName": "TQtC", "dateReserved": "2025-09-19T14:01:04.716Z", "datePublished": "2025-10-03T14:35:02.539Z", "dateUpdated": "2025-10-06T11:02:30.763Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Qt SVG"], "product": "Qt", "vendor": "The Qt Company", "versions": [{"lessThanOrEqual": "6.8.4", "status": "affected", "version": "6.7.0", "versionType": "python"}, {"lessThanOrEqual": "6.9.2", "status": "affected", "version": "6.9.0", "versionType": "python"}]}], "credits": [{"lang": "en", "type": "finder", "value": "OSS-Fuzz"}, {"lang": "en", "type": "finder", "value": "Oddmund Skogen"}], "datePublic": "2025-10-03T14:34:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "When the module renders a Svg file that contains a &lt;pattern&gt; element, it might end up rendering it recursively&nbsp;leading to stack overflow DoS"}], "value": "When the module renders a Svg file that contains a <pattern> element, it might end up rendering it recursively\u00a0leading to stack overflow DoS"}], "impacts": [{"capecId": "CAPEC-230", "descriptions": [{"lang": "en", "value": "CAPEC-230 Serialized Data with Nested Payloads"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "PRESENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 9.4, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "RED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/RE:H/U:Red", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "HIGH"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "shortName": "TQtC", "dateUpdated": "2025-10-06T11:02:30.763Z"}, "references": [{"url": "https://codereview.qt-project.org/c/qt/qtsvg/+/654200"}], "source": {"discovery": "UNKNOWN"}, "title": "Uncontrolled recursion in Qt SVG module", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-03T14:43:30.229164Z", "id": "CVE-2025-10728", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-03T14:43:41.418Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-10728", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-03T14:43:30.229164Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-03T14:43:33.981Z"}}], "cna": {"title": "Uncontrolled recursion in Qt SVG module", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "OSS-Fuzz"}, {"lang": "en", "type": "finder", "value": "Oddmund Skogen"}], "impacts": [{"capecId": "CAPEC-230", "descriptions": [{"lang": "en", "value": "CAPEC-230 Serialized Data with Nested Payloads"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "PRESENT", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/RE:H/U:Red", "providerUrgency": "RED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "The Qt Company", "modules": ["Qt SVG"], "product": "Qt", "versions": [{"status": "affected", "version": "6.7.0", "versionType": "python", "lessThanOrEqual": "6.8.4"}, {"status": "affected", "version": "6.9.0", "versionType": "python", "lessThanOrEqual": "6.9.2"}], "defaultStatus": "unaffected"}], "datePublic": "2025-10-03T14:34:00.000Z", "references": [{"url": "https://codereview.qt-project.org/c/qt/qtsvg/+/654200"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "When the module renders a Svg file that contains a <pattern> element, it might end up rendering it recursively\u00a0leading to stack overflow DoS", "supportingMedia": [{"type": "text/html", "value": "When the module renders a Svg file that contains a &lt;pattern&gt; element, it might end up rendering it recursively&nbsp;leading to stack overflow DoS", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion"}]}], "providerMetadata": {"orgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "shortName": "TQtC", "dateUpdated": "2025-10-06T11:02:30.763Z"}}}, "cveMetadata": {"cveId": "CVE-2025-10728", "state": "PUBLISHED", "dateUpdated": "2025-10-06T11:02:30.763Z", "dateReserved": "2025-09-19T14:01:04.716Z", "assignerOrgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "datePublished": "2025-10-03T14:35:02.539Z", "assignerShortName": "TQtC"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "When the module renders a Svg file that contains a <pattern> element, it might end up rendering it recursively\u00a0leading to stack overflow DoS"}], "id": "CVE-2025-10728", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "PRESENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.4, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "RED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:X/R:X/V:X/RE:H/U:Red", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "HIGH"}, "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "type": "Secondary"}]}, "published": "2025-10-03T16:16:16.603", "references": [{"source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "url": "https://codereview.qt-project.org/c/qt/qtsvg/+/654200"}], "sourceIdentifier": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-674"}], "source": "a59d8014-47c4-4630-ab43-e1b13cbe58e3", "type": "Secondary"}]}

{"bugzilla": {"description": "qtsvg: Uncontrolled recursion in Qt SVG module", "id": "2401244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401244"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-674", "details": ["When the module renders a Svg file that contains a <pattern> element, it might end up rendering it recursively\u00a0leading to stack overflow DoS"], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-10728", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "qt6-qtsvg", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "qt5-qtsvg", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "qt5-qtsvg", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "qt5-qtsvg", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-10-03T14:35:02Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-10728\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-10728\nhttps://codereview.qt-project.org/c/qt/qtsvg/+/654200"], "statement": "The only discussed impact is to program availability. It is unclear why the upstream advisory indicates confidentiality and integrity impact.", "threat_severity": "Moderate"}

{"created": "2025-10-06T14:43:05.654433+00:00", "updated": "2025-10-06T14:43:05.654490+00:00", "vendors": ["qt", "qt$PRODUCT$qt"]}