Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-3481

Опубликовано: 22 авг. 2022
Источник: debian
EPSS Низкий

Описание

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qtsvg-opensource-srcfixed5.15.2-3package
qtsvg-opensource-srcno-dsabusterpackage
qt4-x11removedpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1931444

  • https://bugreports.qt.io/browse/QTBUG-91507

  • https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=bfd6ee0d8cf34b63d32adf10ed93daa0086b359f (qt/qtsvg/dev)

  • https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=0fa522904d65b73d48d5fadf690131e9ebb58d2a (qt/qtsvg/6.0)

  • https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=9f7ccbfc68d20d0dc2ddc1e7dee5572dcf7dcd48 (qt/qtsvg/6.1)

  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31668

  • https://codereview.qt-project.org/c/qt/qtsvg/+/337587

EPSS

Процентиль: 16%
0.00051
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-3481

CVSS3: 7.1
ubuntu
около 3 лет назад

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.

redhat логотип

CVE-2021-3481

CVSS3: 7.1
redhat
больше 4 лет назад

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.

nvd логотип

CVE-2021-3481

CVSS3: 7.1
nvd
около 3 лет назад

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.

suse-cvrf логотип

openSUSE-SU-2021:3354-1

suse-cvrf
около 4 лет назад

Security update for libqt5-qtsvg

suse-cvrf логотип

openSUSE-SU-2021:1371-1

suse-cvrf
около 4 лет назад

Security update for libqt5-qtsvg

EPSS

Процентиль: 16%
0.00051
Низкий