Home

CVE-2021-45930

Description

Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.078

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in Dell Peripheral Manager (1.7.3)Windows
Qt 5 SVG module (USN-5241-1) libqt5svg5_5.9.5-0ubuntu1.1_i386.debLinux
Qt 5 SVG module (USN-5241-1) libqt5svg5_5.9.5-0ubuntu1.1_amd64.debLinux
SUSE-SU-2023:2969-1(Basesystem Module 15-SP5 ) libqt5-qtsvg-debugsource-5.15.8+kde8-150500.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:2969-1(Basesystem Module 15-SP5 ) libqt5-qtsvg-devel-5.15.8+kde8-150500.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:2969-1(Basesystem Module 15-SP5 ) libQt5Svg5-5.15.8+kde8-150500.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:2969-1(Basesystem Module 15-SP5 ) libQt5Svg5-debuginfo-5.15.8+kde8-150500.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:2969-1(Desktop Applications Module 15-SP5 ) libqt5-qtsvg-private-headers-devel-5.15.8+kde8-150500.3.3.1.noarch.rpmLinux
SUSE-SU-2023:2981-1(Basesystem Module 15-SP4 ) libqt5-qtsvg-debugsource-5.15.2+kde16-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:2981-1(Basesystem Module 15-SP4 ) libQt5Svg5-debuginfo-5.15.2+kde16-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:2981-1(Desktop Applications Module 15-SP4 ) libqt5-qtsvg-private-headers-devel-5.15.2+kde16-150400.3.3.1.noarch.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-32bit-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-debuginfo-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-debuginfo-32bit-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-debugsource-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-devel-doc-debuginfo-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-devel-doc-debugsource-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-qt3support-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-qt3support-32bit-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-qt3support-debuginfo-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-qt3support-debuginfo-32bit-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-32bit-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-debuginfo-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-debuginfo-32bit-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-mysql-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-mysql-debuginfo-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-plugins-debugsource-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-sqlite-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-sql-sqlite-debuginfo-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-x11-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-x11-32bit-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-x11-debuginfo-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) libqt4-x11-debuginfo-32bit-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) qt4-x11-tools-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:4622-1(SUSE Linux Enterprise Server 12 SP5 ) qt4-x11-tools-debuginfo-4.8.7-8.19.1.x86_64.rpmLinux
SUSE-SU-2023:2981-1(Basesystem Module 15-SP4 ) libQt5Svg5-5.15.2+kde16-150400.3.3.1.x86_64.rpmLinux
SUSE-SU-2023:2981-1(Basesystem Module 15-SP4 ) libqt5-qtsvg-devel-5.15.2+kde16-150400.3.3.1.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-342733Dell Peripheral Manager (1.7.7)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234