CVE-2021-3481

Source
https://cve.org/CVERecord?id=CVE-2021-3481
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3481.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-3481
Downstream
Related
Published
2022-08-22T15:15:13.363Z
Modified
2026-07-09T01:31:02.185407Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.

References

Affected packages

Git / github.com/qt/qt5

Affected ranges

Type
GIT
Repo
https://github.com/qt/qt5
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": [
        "cpe:2.3:a:qt:qt:5.15.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:qt:qt:6.0.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:qt:qt:6.0.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:qt:qt:6.2.0:-:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "5.15.1"
        },
        {
            "last_affected": "5.15.1"
        },
        {
            "introduced": "6.0.0-NA"
        },
        {
            "last_affected": "6.0.0-NA"
        },
        {
            "introduced": "6.0.2"
        },
        {
            "last_affected": "6.0.2"
        },
        {
            "introduced": "6.2.0-NA"
        },
        {
            "last_affected": "6.2.0-NA"
        }
    ]
}

Affected versions

5.*
5.15.1
6.*
6.0.0-NA
6.0.2
6.2.0-NA

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3481.json"

Git / github.com/qt/qtbase

Affected ranges

Type
GIT
Repo
https://github.com/qt/qtbase
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": [
        "cpe:2.3:a:qt:qt:5.15.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:qt:qt:6.0.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:qt:qt:6.0.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:qt:qt:6.2.0:-:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "5.15.1"
        },
        {
            "last_affected": "5.15.1"
        },
        {
            "introduced": "6.0.0-NA"
        },
        {
            "last_affected": "6.0.0-NA"
        },
        {
            "introduced": "6.0.2"
        },
        {
            "last_affected": "6.0.2"
        },
        {
            "introduced": "6.2.0-NA"
        },
        {
            "last_affected": "6.2.0-NA"
        }
    ]
}

Affected versions

5.*
5.15.1
6.*
6.0.0-NA
6.0.2
6.2.0-NA

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3481.json"