OSV-2021-903

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/qt/OSV-2021-903.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-903

Published

2021-06-27T00:01:31.379142Z

Modified

2023-02-24T02:21:32.965558Z

Summary

UNKNOWN WRITE in QOutlineMapper::convertPath

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35566

Crash type: UNKNOWN WRITE
Crash state:
QOutlineMapper::convertPath
QRasterPaintEngine::fill
QPaintEngineEx::stroke

References

Affected packages

OSS-Fuzz / qt

Package

Name: qt
Purl: pkg:generic/qt

Affected ranges

Type: GIT
Repo: git://code.qt.io/qt/qtbase.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6b400e3147dcfd8cc3a393ace1bd118c93762e0c

Fixed

202143ba41f6ac574f1858214ed8bf4a38b73ccd

Fixed

1ca02cf2879a5e1511a2f2109f0925cf4c892862

Fixed

9378ba2ae857df7e21a384e514650823db2355c3

Fixed

16ab287262e246b27c83f18ccdbd47d68485bbf6

Fixed

c1ad72ff588275b7b67683bf43cab33e4e0de4ea

Affected versions

qt-v5.*

qt-v5.0.0-alpha1

v5.*

v5.0.0

v5.0.0-beta1

v5.0.0-beta2

v5.0.0-rc1

v5.0.0-rc2

v5.0.1

v5.0.2

v5.1.0

v5.1.0-alpha1

v5.1.0-beta1

v5.1.0-rc1

v5.1.0-rc2

v5.1.1

v5.10.0

v5.10.0-alpha1

v5.10.0-beta1

v5.10.0-beta2

v5.10.0-beta3

v5.10.0-beta4

v5.10.0-rc1

v5.10.0-rc2

v5.10.0-rc3

v5.10.1

v5.11.0

v5.11.0-alpha1

v5.11.0-beta1

v5.11.0-beta2

v5.11.0-beta3

v5.11.0-beta4

v5.11.0-rc1

v5.11.0-rc2

v5.11.1

v5.11.2

v5.11.3

v5.12.0

v5.12.0-alpha1

v5.12.0-beta1

v5.12.0-beta2

v5.12.0-beta3

v5.12.0-beta4

v5.12.0-rc1

v5.12.0-rc2

v5.12.1

v5.12.2

v5.12.3

v5.12.4

v5.12.5

v5.12.6

v5.12.7

v5.12.8

v5.12.9

v5.13.0

v5.13.0-alpha1

v5.13.0-beta1

v5.13.0-beta2

v5.13.0-beta3

v5.13.0-beta4

v5.13.0-rc1

v5.13.0-rc2

v5.13.0-rc3

v5.13.1

v5.13.2

v5.14.0

v5.14.0-alpha1

v5.14.0-beta1

v5.14.0-beta2

v5.14.0-beta3

v5.14.0-rc1

v5.14.0-rc2

v5.14.1

v5.14.2

v5.15.0

v5.15.0-alpha1

v5.15.0-beta1

v5.15.0-beta2

v5.15.0-beta3

v5.15.0-beta4

v5.15.0-rc1

v5.15.0-rc2

v5.2.0

v5.2.0-alpha1

v5.2.0-beta1

v5.2.0-rc1

v5.2.1

v5.3.0

v5.3.0-alpha1

v5.3.0-beta1

v5.3.0-rc1

v5.3.1

v5.3.2

v5.4.0

v5.4.0-alpha1

v5.4.0-beta1

v5.4.0-rc1

v5.4.1

v5.4.2

v5.5.0

v5.5.0-alpha1

v5.5.0-beta1

v5.5.0-rc1

v5.5.1

v5.6.0

v5.6.0-alpha1

v5.6.0-beta1

v5.6.0-rc1

v5.6.1

v5.6.1-1

v5.6.2

v5.6.3

v5.7.0

v5.7.0-alpha1

v5.7.0-beta1

v5.7.0-rc1

v5.7.1

v5.8.0

v5.8.0-alpha1

v5.8.0-beta1

v5.8.0-rc1

v5.9.0

v5.9.0-alpha1

v5.9.0-beta1

v5.9.0-beta2

v5.9.0-beta3

v5.9.0-beta4

v5.9.0-rc1

v5.9.0-rc2

v5.9.1

v5.9.2

v5.9.3

v5.9.4

v5.9.5

v5.9.6

v5.9.7

v5.9.8

v5.9.9

v6.*

v6.0.0-alpha1

v6.0.0-beta1

v6.0.0-beta2

v6.0.0-beta3

v6.0.0-beta4

v6.0.0-beta5

v6.0.1

v6.0.2

v6.0.3

v6.0.4

v6.1.0-alpha1

v6.1.0-beta1

v6.1.0-beta2

v6.1.0-beta3

v6.1.2

v6.2.0-alpha1

v6.2.0-beta1

v6.2.0-beta2

Ecosystem specific

{
    "severity": "HIGH",
    "introduced_range": "1c17b656e0c7b3f5fae598a0915fdebfeb822dae:f1b826440d0c9407b08329bb563b95781d6aeb6b",
    "fixed_range": "dd24bc25c9d897b944768db3ebe52f8d68c8f6da:16ab287262e246b27c83f18ccdbd47d68485bbf6"
}

Database specific

{
    "fixed_range": "dd24bc25c9d897b944768db3ebe52f8d68c8f6da:16ab287262e246b27c83f18ccdbd47d68485bbf6"
}