Qt SVG Use-After-Free Vulnerability in Pattern Node Parsing

Vulnerability

A use-after-free vulnerability has been identified in the Qt SVG module. This issue arises when the module parses a pattern node that is not a child of a structural node. Although the node is deleted after creation, it may be accessed later, leading to the vulnerability.

Impact

Exploitation of this vulnerability causes a use-after-free condition, which can potentially be exploited to execute arbitrary code or cause a crash.

Added: Oct 3, 2025, 4:26 PM

Updated: Oct 3, 2025, 4:26 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.1

remediation

0.0

relevance

0.6

threat

3.2

urgency

10.0

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.1

remediation

0.0

relevance

0.6

threat

3.2

urgency

10.0

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qt SVG Use-After-Free Vulnerability in Pattern Node Parsing

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating