The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6, allows remote attackers to cause a denial of service (hang and resource consumption) via a local file reference in an (1) image tag or (2) XML stylesheet in an SVG file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | mumble | < 1.2.6-1 | mumble_1.2.6-1_all.deb |
Debian | 11 | all | mumble | < 1.2.6-1 | mumble_1.2.6-1_all.deb |
Debian | 10 | all | mumble | < 1.2.6-1 | mumble_1.2.6-1_all.deb |
Debian | 999 | all | mumble | < 1.2.6-1 | mumble_1.2.6-1_all.deb |
Debian | 13 | all | mumble | < 1.2.6-1 | mumble_1.2.6-1_all.deb |