CVE-2021-28025
MEDIUM
Qt qtsvg 5.15.1, 6.0.0, 6.0.2, 6.2 - Denial of Service via Integer Overflow in qsvghandler.cpp
An integer overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2 allows local attackers to cause a denial of service (DoS).
References (1)
Core References
Exploit, Issue Tracking, Vendor Advisory
https://bugreports.qt.io/browse/QTBUG-91507
Scores
CVSS v3: 5.5
EPSS: 0.0027
EPSS Percentile: 17.7%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
CWE: CWE-190
Status: published
Products (4)
qt/qt: 5.15.1
qt/qt: 6.0.0 (9 CPE variants)
qt/qt: 6.0.2
qt/qt: 6.2.0 alpha1 (7 CPE variants)
Published: Aug 11, 2023
Tracked Since: Feb 18, 2026