55 matches found

Gentoo Linux
added 2025/11/24 12:0 a.m. · 7 views

qtsvg: Multiple Vulnerabilities

Background: qtsvg is an SVG rendering library for the Qt framework. Description: Multiple vulnerabilities have been discovered in qtsvg. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for details. Workaround: There is no known...

CVSS 9.4 · AI score 7.2 · EPSS 0.0008
Exploits: 0

OPENSUSE Linux
added 2025/10/15 12:0 a.m. · 4 views

libQt6Svg6-6.10.0-1.1 on GA media (moderate)

libQt6Svg6-6.10.0-1.1 on GA media. Announcement ID: openSUSE-SU-2025:15630-1. Rating: moderate. Cross-References: CVE-2025-10728, CVE-2025-10729. CVSS scores: CVE-2025-10728 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H; CVE-2025-10729 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H...

CVSS 7 · AI score 7.3 · EPSS 0.00024
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2018-0609

Malware in sbrugna...

CVSS 7.4 · AI score 7.2 · EPSS 0.01078
Exploits: 0 · References: 16

OpenVAS
added 2024/06/07 12:0 a.m. · 10 views

Fedora: Security Advisory for librsvg2 (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the...

AI score 7.5
Exploits: 0 · References: 2

CNNVD
added 2024/02/21 12:0 a.m. · 3 views

php-svg-lib security vulnerability

php-svg-lib is an open source SVG file parsing/rendering library from dompdf. A security vulnerability exists in versions of php-svg-lib prior to 0.5.2, which stems from the fact that it will not validate that external references are allowed, which could lead to bypassing restrictions or Remote...

CVSS 9.8 · AI score 7.2 · EPSS 0.0017
Exploits: 0 · References: 5

OSV
added 2023/12/12 9:15 p.m. · 2 views

DEBIAN-CVE-2023-50252

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling a `<use>` tag that references an `<image>` tag, it merges the attributes from the `<use>` tag to the `<image>` tag. The problem pops up especially when the `href` attribute from the `<image>` tag has not been sanitized. This can lead to an unsafe file...

CVSS 9.8 · AI score 8.3 · EPSS 0.09628
Exploits: 1 · References: 1

Positive Technologies
added 2023/12/12 12:0 a.m. · 1 views

PT-2023-31509 · Unknown · Php-Svg-Lib

Name of the Vulnerable Software and Affected Versions: php-svg-lib versions prior to 0.5.1 Description: The issue arises when parsing attributes passed to a use tag inside an SVG document, allowing an attacker to cause the system to go into infinite recursion. This could exhaust the memory...

CVSS 9.8 · AI score 7.2 · EPSS 0.09628
Exploits: 2 · References: 18

CNNVD
added 2023/12/12 12:0 a.m. · 2 views

php-svg-lib security vulnerability

php-svg-lib is an open source SVG file parsing/rendering library from dompdf. A security vulnerability exists in php-svg-lib versions prior to 0.5.1. The vulnerability stems from the fact that when processing a use tag that references an image tag, the attributes in the use tag are merged into th...

CVSS 9.8 · AI score 6.7 · EPSS 0.09628
Exploits: 1 · References: 4

Positive Technologies
added 2023/12/12 12:0 a.m. · 2 views

PT-2023-31510 · Unknown +1 · Php-Svg-Lib +1

Name of the Vulnerable Software and Affected Versions: php-svg-lib versions prior to 0.5.1. Description: The issue arises when handling `<use>` tags that reference `<image>` tags, as it merges attributes from the `<use>` tag to the `<image>` tag. This is particularly problematic when the `href` attribute from the `<image>` tag has not been...

CVSS 9.8 · AI score 7.3 · EPSS 0.09628
Exploits: 2 · References: 15

Fedora
added 2023/08/17 12:34 a.m. · 11 views

[SECURITY] Fedora 37 Update: librsvg2-2.54.6-1.fc37

An SVG library based on cairo...

CVSS 5.5 · AI score 7.1 · EPSS 0.43614
Exploits: 1

OpenVAS
added 2023/08/05 12:0 a.m. · 13 views

Fedora: Security Advisory for librsvg2 (FEDORA-2023-fc79ee273d)

The remote host is missing an update for the...

CVSS 5.5 · AI score 5.9 · EPSS 0.43614
Exploits: 1 · References: 2

Fedora
added 2023/08/04 1:29 a.m. · 14 views

[SECURITY] Fedora 38 Update: librsvg2-2.56.3-1.fc38

An SVG library based on cairo...

CVSS 5.5 · AI score 7.1 · EPSS 0.43614
Exploits: 1

OSV
added 2023/06/19 6:38 p.m. · 3 views

USN-6178-1 Several security issues were fixed in SVG++ library

It was discovered that the demo application in the SVG++ library incorrectly managed memory, resulting in a memory access violation under certain circumstances. An attacker could possibly use this issue to leak memory information or run a denial of service attack. This issue only affected Ubuntu...

CVSS 9.8 · AI score 7.4 · EPSS 0.00242
Exploits: 2 · References: 3

Tenable Nessus
added 2023/06/19 12:0 a.m. · 28 views

Ubuntu 18.04 ESM / 22.04 LTS : SVG++ library vulnerabilities (USN-6178-1)

The remote Ubuntu 18.04 ESM / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6178-1 advisory. It was discovered that the demo application in the SVG++ library incorrectly managed memory, resulting in a memory access violation under...

CVSS 9.8 · AI score 7.8 · EPSS 0.00242
Exploits: 2 · References: 3

Ubuntu
added 2023/05/30 2:31 p.m. · 66 views

USN-6117-1: Apache Batik vulnerabilities

It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perform a cross site request forgery attack. CVE-2019-17566, CVE-2020-11987, CVE-2022-38398, CVE-2022-38648 It was discovered that Apache Batik incorrectly handled Jar URLs in some...

CVSS 8.2 · AI score 7 · EPSS 0.47784
Exploits: 1

OSV
added 2023/05/10 6:15 a.m. · 1 views

AZL-26670 CVE-2023-32573 affecting package qt5-qtsvg for versions less than 5.15.9-1

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled...

CVSS 6.5 · AI score 7 · EPSS 0.00082
Exploits: 0 · References: 1

BDU FSTEC
added 2022/11/07 12:0 a.m. · 1 views

The vulnerability of the library for working with SVG images in Apache Batik, related to insufficient validation of incoming requests, allows a hacker to execute arbitrary Java code.

The vulnerability of the Apache Batik library for working with SVG images is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary Java code remotely...

CVSS 7.8 · AI score 7.5 · EPSS 0.00526
Exploits: 0 · References: 6 · Affected Software: 4

BDU FSTEC
added 2022/11/07 12:0 a.m. · 1 views

The vulnerability of the library for working with SVG images in Apache Batik, related to insufficient validation of incoming requests, allows a hacker to execute arbitrary Java code.

The vulnerability of the Apache Batik library for working with SVG images is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary Java code remotely...

CVSS 7.8 · AI score 7.5 · EPSS 0.00541
Exploits: 0 · References: 9 · Affected Software: 5

OpenVAS
added 2022/10/31 12:0 a.m. · 22 views

Debian: Security Advisory (DSA-5264-1)

The remote host is missing an update for the Debian...

CVSS 7.5 · AI score 7.7 · EPSS 0.00541
Exploits: 0 · References: 4

Debian
added 2022/10/29 3:13 p.m. · 29 views

[SECURITY] [DLA 3169-1] batik security update

Debian LTS Advisory DLA-3169-1 · [email protected] · https://www.debian.org/lts/security/ · Markus Koschany · October 29, 2022 · https://wiki.debian.org/LTS. Package: batik. Version: 1.10-2+deb10u2. CVE ID: CVE-2022-41704, CVE-2022-42890. It was discovered that Apache Batik, an SVG library for Java,...

CVSS 7.5 · AI score 7.3 · EPSS 0.00541
Exploits: 0