rpm package
almalinux/qt6-qtsvg
pkg:rpm/almalinux/qt6-qtsvg
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-10729 | Cri | — | < 6.8.1-1.el10_0.1 | 6.8.1-1.el10_0.1 | Oct 3, 2025 | The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free. | |
| CVE-2025-10728 | Cri | — | < 6.9.1-2.el10_1.2 | 6.9.1-2.el10_1.2 | Oct 3, 2025 | When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS |
- affected < 6.8.1-1.el10_0.1fixed 6.8.1-1.el10_0.1
The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free.
- affected < 6.9.1-2.el10_1.2fixed 6.9.1-2.el10_1.2
When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS