[Interest] Questions regarding "Improper Link Resolution Before File Access in QFileSystemEngine"
Schimkowitsch Robert
Robert.Schimkowitsch at andritz.com
Wed May 7 14:16:08 CEST 2025
Hi!
Regarding CVE-2025-4211, “Improper Link Resolution Before File Access in QFileSystemEngine”, could someone elaborate what public APIs are affected? The mentioned QFileSystemEngine is not a public API, so which public APIs use it internally?
Since the issue mentions GetTempPath, which sounds like it would only affect usages that are related to temporary files and folders. Is this assessment correct?
Kind regards
Robert Schimkowitsch
________________________________
This message and any attachments are solely for the use of the intended recipients. They may contain privileged and/or confidential information or other information protected from disclosure. If you are not an intended recipient, you are hereby notified that you received this email in error and that any review, dissemination, distribution or copying of this email and any attachment is strictly prohibited. If you have received this email in error, please contact the sender and delete the message and any attachment from your system.
ANDRITZ HYDRO GmbH
Rechtsform/ Legal form: Gesellschaft mit beschränkter Haftung / Corporation
Firmensitz/ Registered seat: Wien
Firmenbuchgericht/ Court of registry: Handelsgericht Wien
Firmenbuchnummer/ Company registration: FN 61833 g
DVR: 0605077
UID-Nr.: ATU14756806
Thank You
________________________________
More information about the Interest
mailing list