It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary code.
{ "binaries": [ { "binary_name": "libqt5svg5", "binary_version": "5.9.5-0ubuntu1.1" }, { "binary_name": "libqt5svg5-dbgsym", "binary_version": "5.9.5-0ubuntu1.1" }, { "binary_name": "libqt5svg5-dev", "binary_version": "5.9.5-0ubuntu1.1" }, { "binary_name": "qtsvg5-doc", "binary_version": "5.9.5-0ubuntu1.1" }, { "binary_name": "qtsvg5-doc-html", "binary_version": "5.9.5-0ubuntu1.1" }, { "binary_name": "qtsvg5-examples", "binary_version": "5.9.5-0ubuntu1.1" }, { "binary_name": "qtsvg5-examples-dbgsym", "binary_version": "5.9.5-0ubuntu1.1" } ], "availability": "No subscription required" }