Vulnerability DatabaseCVE-2025-12385

CVE-2025-12385:
CBL Mariner vulnerability analysis and mitigation

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the tag could cause an application to become unresponsive.

This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

Source: NVD

View vulnerable instances

Not a customer? See how Wiz maps CVEs like this one to real cloud attack paths.

Watch 12-min demo

8.7

Score

Published December 3, 2025

Severity HIGH

CNA Score 8.7

Affected Technologies

CBL Mariner
Linux Debian

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 31.4

Exploitation Probability (EPSS) 0.1

Affected packages and libraries

qt5-qtdeclarative-debuginfo
qt6-declarative

Sources

NVD
CBL-Mariner
- CBL-Mariner 3.0 Severity HIGHHas FixAdded at: Dec 22, 2025
Debian Security Tracker
- Debian 11, 12, 13 Severity MEDIUMNo FixAdded at: Dec 07, 2025
- Debian 14 Has FixAdded at: Dec 07, 2025
Echo
- Echo No FixAdded at: Dec 07, 2025

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related CBL Mariner vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-68973	HIGH	7	NixOS	gnupg2-scdaemon	No	Yes	Dec 28, 2025
CVE-2025-13699	HIGH	7	MariaDB Server	mariadb1011-server-utils	No	Yes	Dec 23, 2025
CVE-2025-68343	MEDIUM	5.1	Linux Kernel	kernel-debug	No	Yes	Dec 23, 2025
CVE-2025-68972	MEDIUM	4.7	NixOS	gnupg2-dirmngr	No	Yes	Dec 27, 2025
CVE-2025-11961	LOW	1.9	CBL Mariner	libpcap-debugsource	No	Yes	Dec 31, 2025