exploitDog

RLSA-2025:22394

Опубликовано: 02 дек. 2025

Источник: rocky

Оценка: Moderate

Описание

Moderate: qt6-qtsvg security update

Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices.

Security Fix(es):

qtsvg: Uncontrolled recursion in Qt SVG module (CVE-2025-10728)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 10

Наименование	Архитектура	Релиз	RPM
qt6-qtsvg	x86_64	2.el10_1.2	qt6-qtsvg-6.9.1-2.el10_1.2.x86_64.rpm
qt6-qtsvg-devel	x86_64	2.el10_1.2	qt6-qtsvg-devel-6.9.1-2.el10_1.2.x86_64.rpm

Показывать по

Связанные CVE

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2401244
Red Hat - 2401244

Связанные уязвимости

CVE-2025-10728

ubuntu

4 месяца назад

When the module renders a Svg file that contains a <pattern> element, it might end up rendering it recursively leading to stack overflow DoS

CVE-2025-10728

nvd

4 месяца назад

When the module renders a Svg file that contains a <pattern> element, it might end up rendering it recursively leading to stack overflow DoS

CVE-2025-10728

msrc

4 месяца назад

Uncontrolled recursion in Qt SVG module

CVE-2025-10728

debian

4 месяца назад

When the module renders a Svg file that contains a <pattern> element, ...

GHSA-x6f6-j278-6544

github

4 месяца назад

When the module renders a Svg file that contains a <pattern> element, it might end up rendering it recursively leading to stack overflow DoS