| Release | Version |
|---|---|
| bullseye | 4.2.5-0.1 |
| bookworm | 4.5.2-3+deb12u1 |
| trixie | 5.1.0-2 |
| forky | 5.1.2-1 |
| sid | 5.1.2-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-54310 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | qBittorrent before 5.1.2 does not prevent access to a local file that ... |
| CVE-2024-51774 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | qBittorrent before 5.0.1 proceeds with use of https URLs even after ce ... |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2023-30801 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | All versions of the qBittorrent client through 4.5.5 use default crede ... |
| Bug | Description |
|---|---|
| CVE-2019-13640 | In qBittorrent before 4.1.7, the function Application::runExternalProg ... |
| CVE-2017-15011 | The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and S ... |
| CVE-2017-6504 | WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options hea ... |
| CVE-2017-6503 | WebUI in qBittorrent before 3.3.11 did not escape many values, which c ... |
| DSA / DLA | Description |
|---|---|
| DSA-4650-1 | qbittorrent - security update |
| DLA-897-1 | qbittorrent - security update |