It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "qtsvg5-doc-html": "5.9.5-0ubuntu1.1", "qtsvg5-doc": "5.9.5-0ubuntu1.1", "libqt5svg5-dev": "5.9.5-0ubuntu1.1", "qtsvg5-examples": "5.9.5-0ubuntu1.1", "libqt5svg5-dbgsym": "5.9.5-0ubuntu1.1", "qtsvg5-examples-dbgsym": "5.9.5-0ubuntu1.1", "libqt5svg5": "5.9.5-0ubuntu1.1" } ] }