Test ID:	1.3.6.1.4.1.25623.1.0.845200
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-5241-1)
Summary:	The remote host is missing an update for the 'qtsvg-opensource-src' package(s) announced via the USN-5241-1 advisory.
Description:	Summary: The remote host is missing an update for the 'qtsvg-opensource-src' package(s) announced via the USN-5241-1 advisory. Vulnerability Insight: It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary code. Affected Software/OS: 'qtsvg-opensource-src' package(s) on Ubuntu 18.04. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-19869 https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html https://lists.debian.org/debian-lts-announce/2020/10/msg00035.html RedHat Security Advisories: RHSA-2019:2135 https://access.redhat.com/errata/RHSA-2019:2135 SuSE Security Announcement: openSUSE-SU-2019:1116 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00008.html SuSE Security Announcement: openSUSE-SU-2020:1452 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html SuSE Security Announcement: openSUSE-SU-2020:1500 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html SuSE Security Announcement: openSUSE-SU-2020:1501 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html SuSE Security Announcement: openSUSE-SU-2020:1530 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html Common Vulnerability Exposure (CVE) ID: CVE-2021-3481 https://access.redhat.com/security/cve/CVE-2021-3481 https://bugreports.qt.io/browse/QTBUG-91507 https://bugzilla.redhat.com/show_bug.cgi?id=1931444 https://codereview.qt-project.org/c/qt/qtsvg/+/337646 https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html Common Vulnerability Exposure (CVE) ID: CVE-2021-45930 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZIXNSX7FV733TWTTLY6FHSH3SCNQKKD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GKOKVCSDZSOWWR3HOW5XUIUJC4MKQY5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V75XNX4GDB64N5BSOAN474RUXXS5OHRU/ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37025 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37306 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/qt/OSV-2021-1121.yaml https://github.com/qt/qtsvg/commit/36cfd9efb9b22b891adee9c48d30202289cfa620 https://github.com/qt/qtsvg/commit/79bb9f51fa374106a612d17c9d98d35d807be670 https://github.com/qt/qtsvg/commit/a3b753c2d077313fc9eb93af547051b956e383fc https://lists.debian.org/debian-lts-announce/2022/01/msg00020.html https://lists.debian.org/debian-lts-announce/2022/01/msg00022.html
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.