CVE-2021-38593

Published: Aug 12, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/qt/qtbase/commit/6b400e3147dcfd8cc3a393ace1bd118c93762e0c

https://github.com/qt/qtbase/commit/202143ba41f6ac574f1858214ed8bf4a38b73ccd

https://github.com/qt/qtbase/commit/1ca02cf2879a5e1511a2f2109f0925cf4c892862

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35566

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/qt/OSV-2021-903.yaml

https://www.qt.io/blog/qt-5.15-extended-support-for-subscription-license-holders

https://wiki.qt.io/Qt_5.15_Release#Known_Issues

FEDORA-2022-54760f7fa4

vendor-advisory

FEDORA-2022-4131ced81a

vendor-advisory

GLSA-202402-03

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-38593

Description

Affected Products

References