PT-2023-9857 · Qt+3 · Qt Qtsvg+3
1Vanchen
·
Publicado
2023-08-11
·
Atualizado
2026-05-28
·
CVE-2021-28025
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2
Description
The issue is related to an Integer Overflow vulnerability in the qsvghandler.cpp component of Qt qtsvg, allowing local attackers to cause a denial of service (DoS). This vulnerability can be exploited by attackers to disrupt service.
Recommendations
For Qt qtsvg version 5.15.1, update to a version that fixes the Integer Overflow vulnerability in qsvghandler.cpp.
For Qt qtsvg version 6.0.0, update to a version that fixes the Integer Overflow vulnerability in qsvghandler.cpp.
For Qt qtsvg version 6.0.2, update to a version that fixes the Integer Overflow vulnerability in qsvghandler.cpp.
For Qt qtsvg version 6.2, update to a version that fixes the Integer Overflow vulnerability in qsvghandler.cpp.
As a temporary workaround, consider restricting access to the qsvghandler.cpp component until a patch is available.
Exploit
Correção
DoS
Integer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Astra Linux
Debian
Qt Qtsvg
Red Os