VYPR

Qtsvg

by Qt

Source repositories

CVEs (5)

  • CVE-2025-10729CriOct 3, 2025
    risk 0.61cvss epss 0.00

    The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free.

  • CVE-2025-10728CriOct 3, 2025
    risk 0.61cvss epss 0.00

    When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS

  • CVE-2021-28025Aug 11, 2023
    risk 0.00cvss epss 0.00

    Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).

  • CVE-2023-32573May 10, 2023
    risk 0.00cvss epss 0.01

    In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

  • CVE-2021-45930Dec 31, 2021
    risk 0.00cvss epss 0.01

    Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).