5 matches found
Out-of-bounds Write
Qt is vulnerable to Out-of-bounds Write. The vulnerability exists in QtPrivate::QCommonArrayOps::growAppend which allows an attacker who is able to submit a crafted image file to an application that uses qsvghandler could cause an out-of-bounds write and potential denial of service...
OSV-2021-1477 UNKNOWN WRITE in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40161 Crash type: UNKNOWN WRITE Crash state: QtPrivate::QCommonArrayOps::growAppend QPainterPath::addPath QPathClipper::intersect...
OSV-2021-1449 UNKNOWN WRITE in void QtPrivate::QPodArrayOps<QPainterPath::Element>::emplace<QPainterPath::Eleme
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39957 Crash type: UNKNOWN WRITE Crash state: void QtPrivate::QPodArrayOps::emplaceQPainterPath::Eleme QPainterPath::lineTo QOutlineMapper::clipElements...
OSV-2021-1143 UNKNOWN WRITE in QtPrivate::QPodArrayOps<QPainterPath::Element>::copyAppend
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37306 This is the same issue as OSV-2021-1121 which it replaced after that one was closed wrongly. Crash type: UNKNOWN WRITE Crash state: QtPrivate::QPodArrayOps::copyAppend QtPrivate::QCommonArrayOps::growAppend QList::append...
OSV-2021-1121 UNKNOWN WRITE in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37025 This is the same issue as OSV-2021-1143 which replaced this one after it was closed wrongly. Crash type: UNKNOWN WRITE Crash state: QtPrivate::QCommonArrayOps::growAppend QPainterPath::addPath QPathClipper::intersect...