Description
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
A flaw was found in qtsvg's qsvghandler.cpp module. An attacker who is able to submit a crafted image file to an application that uses qsvghandler could cause an out-of-bounds write and potential denial of service to occur, depending on the application.
Report
This flaw is out of support scope for versions of qt shipped with Red Hat Enterprise Linux 6 and 7 as it does not affect qt3, which does not have the qsvghandler.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | qt | Out of support scope | ||
Red Hat Enterprise Linux 6 | qt3 | Not affected | ||
Red Hat Enterprise Linux 7 | qt | Out of support scope | ||
Red Hat Enterprise Linux 7 | qt3 | Not affected | ||
Red Hat Enterprise Linux 7 | qt5-qtsvg | Out of support scope | ||
Red Hat Enterprise Linux 9 | qt5-qtsvg | Not affected | ||
Red Hat Enterprise Linux 8 | qt5-qtsvg | Fixed | RHSA-2022:1920 | 10.05.2022 |
Additional information
Status:
EPSS
7.5 High
CVSS3
Related vulnerabilities
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).