DEBIAN-CVE-2021-3481

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2021-3481
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2021-3481.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2021-3481
Upstream
Published
2022-08-22T15:15:13Z
Modified
2025-09-25T22:40:37Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.

References

Affected packages

Debian:11 / qtsvg-opensource-src

Package

Name
qtsvg-opensource-src
Purl
pkg:deb/debian/qtsvg-opensource-src?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.2-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / qtsvg-opensource-src

Package

Name
qtsvg-opensource-src
Purl
pkg:deb/debian/qtsvg-opensource-src?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.2-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / qtsvg-opensource-src

Package

Name
qtsvg-opensource-src
Purl
pkg:deb/debian/qtsvg-opensource-src?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.2-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / qtsvg-opensource-src

Package

Name
qtsvg-opensource-src
Purl
pkg:deb/debian/qtsvg-opensource-src?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.2-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}