An update for qt6-qtdeclarative is now available for openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-2845 Final 1.0 1.0 2025-12-12 Initial 2025-12-12 2025-12-12 openEuler SA Tool V1.0 2025-12-12 qt6-qtdeclarative security update An update for qt6-qtdeclarative is now available for openEuler-24.03-LTS . Security Fix(es): Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.(CVE-2025-12385) An update for qt6-qtdeclarative is now available for openEuler-24.03-LTS. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium qt6-qtdeclarative https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2845 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-12385 https://nvd.nist.gov/vuln/detail/CVE-2025-12385 openEuler-24.03-LTS qt6-qtdeclarative-6.5.2-2.oe2403.aarch64.rpm qt6-qtdeclarative-debuginfo-6.5.2-2.oe2403.aarch64.rpm qt6-qtdeclarative-debugsource-6.5.2-2.oe2403.aarch64.rpm qt6-qtdeclarative-devel-6.5.2-2.oe2403.aarch64.rpm qt6-qtdeclarative-examples-6.5.2-2.oe2403.aarch64.rpm qt6-qtdeclarative-static-6.5.2-2.oe2403.aarch64.rpm qt6-qtdeclarative-6.5.2-2.oe2403.src.rpm qt6-qtdeclarative-6.5.2-2.oe2403.x86_64.rpm qt6-qtdeclarative-debuginfo-6.5.2-2.oe2403.x86_64.rpm qt6-qtdeclarative-debugsource-6.5.2-2.oe2403.x86_64.rpm qt6-qtdeclarative-devel-6.5.2-2.oe2403.x86_64.rpm qt6-qtdeclarative-examples-6.5.2-2.oe2403.x86_64.rpm qt6-qtdeclarative-static-6.5.2-2.oe2403.x86_64.rpm Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0. 2025-12-12 CVE-2025-12385 openEuler-24.03-LTS Medium 5.0 AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H qt6-qtdeclarative security update 2025-12-12 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2845