VYPR

rpm package

opensuse/qt6-svg&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/qt6-svg&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2026-6210HigMay 6, 2026
    affected < 6.11.0-2.1fixed 6.11.0-2.1

    A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker* without verifying the node type. A non-marker

  • CVE-2025-10729CriOct 3, 2025
    affected < 6.10.0-1.1fixed 6.10.0-1.1

    The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free.

  • CVE-2025-10728CriOct 3, 2025
    affected < 6.10.0-1.1fixed 6.10.0-1.1

    When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS