vulnerability

Amazon Linux AMI 2: CVE-2021-28025: Security patch for qt5-qtsvg (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:M/Au:N/C:N/I:N/A:C)	Aug 11, 2023	Sep 8, 2023	May 20, 2026

Severity

CVSS

(AV:L/AC:M/Au:N/C:N/I:N/A:C)

Published

Aug 11, 2023

Added

Sep 8, 2023

Modified

May 20, 2026

Description

Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).

Solutions

amazon-linux-ami-2-upgrade-qt5-qtsvgamazon-linux-ami-2-upgrade-qt5-qtsvg-debuginfoamazon-linux-ami-2-upgrade-qt5-qtsvg-develamazon-linux-ami-2-upgrade-qt5-qtsvg-docamazon-linux-ami-2-upgrade-qt5-qtsvg-examples

References

AMAZON-AL2/ALAS-2023-2242
CVE-2021-28025
https://attackerkb.com/topics/CVE-2021-28025
CWE-190
EUVD-EUVD-2021-14743
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-14743

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report