{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3481","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","dateUpdated":"2024-08-03T16:53:17.684Z","dateReserved":"2021-04-01T00:00:00.000Z","datePublished":"2022-08-22T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2023-08-23T00:06:13.050Z"},"descriptions":[{"lang":"en","value":"A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability."}],"affected":[{"vendor":"n/a","product":"qt","versions":[{"version":"Fixed in qt 5.12.11, qt 5.15.4, qt 6.0.3, qt 6.1.0RC.","status":"affected"}]}],"references":[{"url":"https://bugreports.qt.io/browse/QTBUG-91507"},{"url":"https://codereview.qt-project.org/c/qt/qtsvg/+/337646"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1931444"},{"url":"https://access.redhat.com/security/cve/CVE-2021-3481"},{"name":"[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update","tags":["mailing-list"],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-125 - Out-of-bounds Read","cweId":"CWE-125"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T16:53:17.684Z"},"title":"CVE Program Container","references":[{"url":"https://bugreports.qt.io/browse/QTBUG-91507","tags":["x_transferred"]},{"url":"https://codereview.qt-project.org/c/qt/qtsvg/+/337646","tags":["x_transferred"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1931444","tags":["x_transferred"]},{"url":"https://access.redhat.com/security/cve/CVE-2021-3481","tags":["x_transferred"]},{"name":"[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update","tags":["mailing-list","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html"}]}]}}