CVE-2023-45872

An issue was discovered in Qt before 6.2.11 and 6.3.x through 6.6.x before 6.6.1. When a QML image refers to an image whose content is not known yet, there is an assumption that it is an SVG document, leading to a denial of service application crash if it is not actually an SVG document...

Qt 安全漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

PT-2023-29737 · Qt Company · Qt

Name of the Vulnerable Software and Affected Versions: Qt versions prior to 6.2.11 Qt versions 6.3.x through 6.6.x before 6.6.1 Description: An issue was discovered in Qt when a QML image refers to an image whose content is not known yet, leading to an assumption that it is an SVG document. If th...

Security advisory: Loading invalid QML image source impacts Qt

An issue when loading an invalid QML image source has been reported and has been assigned the CVE id CVE-2023-45872. When an invalid source is used to indicate an image to be loaded is specified then it will end up trying to load it as a SVG file which will trigger a crash in Qt SVG. This does no...