CVE-2025-14575
Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading
An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory.
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Produtos afetados
The Qt Company · QtQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →