52 matches found

RedHat Linux
added yesterday | 10 views

qt: Qt SVG: Arbitrary QML/JavaScript code injection via malicious SVG file

A flaw was found in the Qt SVG module and the VectorImage component in Qt Quick. This vulnerability allows a remote attacker to inject arbitrary QML/JavaScript code by tricking a user into loading a specially crafted malicious SVG file. Successful exploitation could lead to denial of service,...

CVSS 9.3 | AI score 5.7 | EPSS 0.00011
Exploits: 0 | References: 5

RedHat Linux
added 2026/05/26 4:11 a.m. | 7 views

qt: Qt SVG: Arbitrary QML/JavaScript code injection via malicious SVG file

A flaw was found in the Qt SVG module and the VectorImage component in Qt Quick. This vulnerability allows a remote attacker to inject arbitrary QML/JavaScript code by tricking a user into loading a specially crafted malicious SVG file. Successful exploitation could lead to denial of service,...

CVSS 9.3 | AI score 6 | EPSS 0.00011
Exploits: 0 | References: 5

Tenable Nessus
added 2026/05/22 12:0 a.m. | 7 views

Unity Linux 20.1060e / 20.1070e Security Update: qt5-qtsvg (UTSA-2026-016645)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016645 advisory. Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend called from QPainterPath::addPath and...

CVSS 5.5 | AI score 6.2 | EPSS 0.0008
Exploits: 1 | References: 4

SUSE CVE
added 2026/05/09 2:54 a.m. | 5 views

SUSE CVE-2025-14576

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

CVSS 9.3 | AI score 6.1 | EPSS 0.00011
Exploits: 0 | References: 3

NVD
added 2026/05/06 12:16 p.m. | 4 views

CVE-2026-6210

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

CVSS 8.7 | EPSS 0.0006
Exploits: 0 | References: 2

OSV
added 2026/05/06 12:16 p.m. | 3 views

DEBIAN-CVE-2026-6210

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 1

OSV
added 2026/05/06 12:16 p.m. | 1 views

UBUNTU-CVE-2026-6210

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 4

UbuntuCve
added 2026/05/06 12:16 p.m. | 4 views

CVE-2026-6210

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 3

CVE
added 2026/05/06 11:59 a.m. | 12 views

CVE-2026-6210

CVE-2026-6210 concerns a type confusion and heap-buffer-overflow in Qt SVG marker handling, causing application crashes via crafted SVG images. The vulnerability occurs when the SVG marker reference processing retrieves a node by its id and casts it to QSvgMarker* without type verification. If a ...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 2

Debian CVE
added 2026/05/06 11:59 a.m. | 9 views

CVE-2026-6210

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0

ATTACKERKB
added 2026/05/06 11:59 a.m. | 3 views

CVE-2026-6210

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 3 | Affected Software: 1

Vulnrichment
added 2026/05/06 11:59 a.m. | 4 views

CVE-2026-6210 Type confusion and heap-buffer-overflow in Qt SVG marker handling causing application crash

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 2

CNNVD
added 2026/05/06 12:0 a.m. | 8 views

Qt SVG security vulnerability

Qt SVG is a graphics processing module developed by the Qt company. Versions of Qt SVG from 6.7.0 to 6.8.8, as well as versions from 6.9.0 to 6.11.1, have security vulnerabilities. These vulnerabilities stem from type confusion during the processing of SVG markup references, which may lead to...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/06 12:0 a.m. | 4 views

PT-2026-37624

Name of the Vulnerable Software and Affected Versions: Qt SVG versions 6.7.0 through 6.8.7; Qt SVG versions 6.9.0 through 6.11.0. Description: A type confusion issue in Qt SVG allows an attacker to cause an application crash through a crafted SVG image. When processing SVG marker references, the...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 6

Debian CVE
added 2026/04/30 12:39 p.m. | 4 views

CVE-2025-14576

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

CVSS 9.3 | AI score 6.1 | EPSS 0.00011
Exploits: 0

OSV
added 2026/03/20 2:24 p.m. | 3 views

OESA-2026-1648 qt5-qtsvg security update

The Qt SVG module provides functionality for displaying SVG images in widget, and to create SVG files using drawing commands. Security Fixes: The module will parse a pattern node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading...

CVSS 9.4 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 2

Tenable Nessus
added 2025/12/02 12:0 a.m. | 3 views

RockyLinux 10 : qt6-qtsvg (RLSA-2025:22394)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:22394 advisory. qtsvg: Uncontrolled recursion in Qt SVG module (CVE-2025-10728). Tenable has extracted the preceding description block directly from the RockyLinux security...

CVSS 9.4 | AI score 8.2 | EPSS 0.0001
Exploits: 0 | References: 3

Tenable Nessus
added 2025/12/02 12:0 a.m. | 5 views

RHEL 10 : qt6-qtsvg (RHSA-2025:22394)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22394 advisory. Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and...

CVSS 9.4 | AI score 8.2 | EPSS 0.0001
Exploits: 0 | References: 5

OSV
added 2025/12/01 12:0 a.m. | 6 views

ALSA-2025:22394 Moderate: qt6-qtsvg security update

Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qtsvg: Uncontrolled recursion in Qt SVG module (CVE-2025-10728). For more details...

CVSS 9.4 | AI score 6.7 | EPSS 0.0001
Exploits: 0 | References: 4

Tenable Nessus
added 2025/11/22 12:0 a.m. | 2 views

RockyLinux 10 : qt6-qtsvg (RLSA-2025:21037)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21037 advisory. qtsvg: Use-after-free vulnerability in Qt SVG (CVE-2025-10729). Tenable has extracted the preceding description block directly from the RockyLinux security advisor...

CVSS 9.4 | AI score 8.2 | EPSS 0.00024
Exploits: 0 | References: 3