Vulnerabilities > CVE-2022-25255 - Unspecified vulnerability in QT
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | Qt
| 144 |
OS | 1 | |
OS | 1 |
References
- https://codereview.qt-project.org/c/qt/qtbase/+/393113
- https://codereview.qt-project.org/c/qt/qtbase/+/393113
- https://codereview.qt-project.org/c/qt/qtbase/+/394914
- https://codereview.qt-project.org/c/qt/qtbase/+/394914
- https://codereview.qt-project.org/c/qt/qtbase/+/396020
- https://codereview.qt-project.org/c/qt/qtbase/+/396020
- https://download.qt.io/official_releases/qt/5.15/qprocess5-15.diff
- https://download.qt.io/official_releases/qt/5.15/qprocess5-15.diff
- https://download.qt.io/official_releases/qt/6.2/qprocess6-2.diff
- https://download.qt.io/official_releases/qt/6.2/qprocess6-2.diff