87 matches found
qt: Qt SVG: Arbitrary QML/JavaScript code injection via malicious SVG file
A flaw was found in the Qt SVG module and the VectorImage component in Qt Quick. This vulnerability allows a remote attacker to inject arbitrary QML/JavaScript code by tricking a user into loading a specially crafted malicious SVG file. Successful exploitation could lead to denial of service,...
SUSE CVE-2025-14576
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
CVE-2025-14576
A flaw was found in the Qt SVG module and the VectorImage component in Qt Quick. This vulnerability allows a remote attacker to inject arbitrary QML/JavaScript code by tricking a user into loading a specially crafted malicious SVG file. Successful exploitation could lead to denial of service,...
DEBIAN-CVE-2025-14576
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
CVE-2025-14576
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
CVE-2025-14576 Possible QML code injection in VectorImage component
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
EUVD-2025-209594
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
[SECURITY] Fedora 44 Update: qt6-qtwebview-6.10.3-1.fc44
Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
[SECURITY] Fedora 44 Update: qt6-qtsensors-6.10.3-1.fc44
The Qt Sensors API provides access to sensor hardware via QML and C++ interfaces. The Qt Sensors API also provides a motion gesture recognition API for devices...
[SECURITY] Fedora 44 Update: qt6-qtlottie-6.10.3-1.fc44
Qt Lottie Animation provides a QML API for rendering graphics and animations that are exported in JSON format by the Bodymovin plugin for Adobe After Effects...
[SECURITY] Fedora 44 Update: qt6-qtcharts-6.10.3-1.fc44
Qt Charts module provides a set of easy to use chart components. It uses the Qt Graphics View Framework, therefore charts can be easily integrated to modern user interfaces. Qt Charts can be used as QWidgets, QGra phicsWidget, or QML types. Users can easily create impressive graphs by selecting o...
[SECURITY] Fedora 42 Update: qt5-qtwebview-5.15.18-1.fc42
Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
[SECURITY] Fedora 42 Update: qt5-qtsensors-5.15.18-1.fc42
The Qt Sensors API provides access to sensor hardware via QML and C++ interfaces. The Qt Sensors API also provides a motion gesture recognition API for devices...
[SECURITY] Fedora 42 Update: qt5-qtgamepad-5.15.18-1.fc42
Qt Gamepad provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
[SECURITY] Fedora 42 Update: qt5-qtcharts-5.15.18-1.fc42
Qt Charts module provides a set of easy to use chart components. It uses the Qt Graphics View Framework, therefore charts can be easily integrated to modern user interfaces. Qt Charts can be used as QWidgets, QGra phicsWidget, or QML types. Users can easily create impressive graphs by selecting o...
[SECURITY] Fedora 42 Update: qt6-qtwebview-6.9.3-1.fc42
Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
[SECURITY] Fedora 42 Update: qt6-qtwebchannel-6.9.3-1.fc42
The Qt WebChannel module provides a library for seamless integration of C++ and QML applications with HTML/JavaScript clients. Any QObject can be published to remote clients, where its public API becomes available...
[SECURITY] Fedora 42 Update: qt6-qtlottie-6.9.3-1.fc42
Qt Lottie Animation provides a QML API for rendering graphics and animations that are exported in JSON format by the Bodymovin plugin for Adobe After Effects...
[SECURITY] Fedora 42 Update: qt6-qtcharts-6.9.3-1.fc42
Qt Charts module provides a set of easy to use chart components. It uses the Qt Graphics View Framework, therefore charts can be easily integrated to modern user interfaces. Qt Charts can be used as QWidgets, QGra phicsWidget, or QML types. Users can easily create impressive graphs by selecting o...
Malicious code in @zalastax/nolb-qml (npm)
The package @zalastax/nolb-qml was found to contain malicious code...