osv-2021-903
Vulnerability from osv_ossfuzz
Published
2021-06-27 00:01
Modified
2023-02-24 02:21
Summary
UNKNOWN WRITE in QOutlineMapper::convertPath
Details
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35566
Crash type: UNKNOWN WRITE
Crash state:
QOutlineMapper::convertPath
QRasterPaintEngine::fill
QPaintEngineEx::stroke
{
"affected": [
{
"database_specific": {
"fixed_range": "dd24bc25c9d897b944768db3ebe52f8d68c8f6da:16ab287262e246b27c83f18ccdbd47d68485bbf6"
},
"ecosystem_specific": {
"fixed_range": "dd24bc25c9d897b944768db3ebe52f8d68c8f6da:16ab287262e246b27c83f18ccdbd47d68485bbf6",
"introduced_range": "1c17b656e0c7b3f5fae598a0915fdebfeb822dae:f1b826440d0c9407b08329bb563b95781d6aeb6b",
"severity": "HIGH"
},
"package": {
"ecosystem": "OSS-Fuzz",
"name": "qt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6b400e3147dcfd8cc3a393ace1bd118c93762e0c"
},
{
"fixed": "202143ba41f6ac574f1858214ed8bf4a38b73ccd"
},
{
"fixed": "1ca02cf2879a5e1511a2f2109f0925cf4c892862"
},
{
"fixed": "9378ba2ae857df7e21a384e514650823db2355c3"
},
{
"fixed": "16ab287262e246b27c83f18ccdbd47d68485bbf6"
},
{
"fixed": "c1ad72ff588275b7b67683bf43cab33e4e0de4ea"
}
],
"repo": "git://code.qt.io/qt/qtbase.git",
"type": "GIT"
}
],
"versions": [
"qt-v5.0.0-alpha1",
"v5.0.0",
"v5.0.0-beta1",
"v5.0.0-beta2",
"v5.0.0-rc1",
"v5.0.0-rc2",
"v5.0.1",
"v5.0.2",
"v5.1.0",
"v5.1.0-alpha1",
"v5.1.0-beta1",
"v5.1.0-rc1",
"v5.1.0-rc2",
"v5.1.1",
"v5.10.0",
"v5.10.0-alpha1",
"v5.10.0-beta1",
"v5.10.0-beta2",
"v5.10.0-beta3",
"v5.10.0-beta4",
"v5.10.0-rc1",
"v5.10.0-rc2",
"v5.10.0-rc3",
"v5.10.1",
"v5.11.0",
"v5.11.0-alpha1",
"v5.11.0-beta1",
"v5.11.0-beta2",
"v5.11.0-beta3",
"v5.11.0-beta4",
"v5.11.0-rc1",
"v5.11.0-rc2",
"v5.11.1",
"v5.11.2",
"v5.11.3",
"v5.12.0",
"v5.12.0-alpha1",
"v5.12.0-beta1",
"v5.12.0-beta2",
"v5.12.0-beta3",
"v5.12.0-beta4",
"v5.12.0-rc1",
"v5.12.0-rc2",
"v5.12.1",
"v5.12.2",
"v5.12.3",
"v5.12.4",
"v5.12.5",
"v5.12.6",
"v5.12.7",
"v5.12.8",
"v5.12.9",
"v5.13.0",
"v5.13.0-alpha1",
"v5.13.0-beta1",
"v5.13.0-beta2",
"v5.13.0-beta3",
"v5.13.0-beta4",
"v5.13.0-rc1",
"v5.13.0-rc2",
"v5.13.0-rc3",
"v5.13.1",
"v5.13.2",
"v5.14.0",
"v5.14.0-alpha1",
"v5.14.0-beta1",
"v5.14.0-beta2",
"v5.14.0-beta3",
"v5.14.0-rc1",
"v5.14.0-rc2",
"v5.14.1",
"v5.14.2",
"v5.15.0",
"v5.15.0-alpha1",
"v5.15.0-beta1",
"v5.15.0-beta2",
"v5.15.0-beta3",
"v5.15.0-beta4",
"v5.15.0-rc1",
"v5.15.0-rc2",
"v5.2.0",
"v5.2.0-alpha1",
"v5.2.0-beta1",
"v5.2.0-rc1",
"v5.2.1",
"v5.3.0",
"v5.3.0-alpha1",
"v5.3.0-beta1",
"v5.3.0-rc1",
"v5.3.1",
"v5.3.2",
"v5.4.0",
"v5.4.0-alpha1",
"v5.4.0-beta1",
"v5.4.0-rc1",
"v5.4.1",
"v5.4.2",
"v5.5.0",
"v5.5.0-alpha1",
"v5.5.0-beta1",
"v5.5.0-rc1",
"v5.5.1",
"v5.6.0",
"v5.6.0-alpha1",
"v5.6.0-beta1",
"v5.6.0-rc1",
"v5.6.1",
"v5.6.1-1",
"v5.6.2",
"v5.6.3",
"v5.7.0",
"v5.7.0-alpha1",
"v5.7.0-beta1",
"v5.7.0-rc1",
"v5.7.1",
"v5.8.0",
"v5.8.0-alpha1",
"v5.8.0-beta1",
"v5.8.0-rc1",
"v5.9.0",
"v5.9.0-alpha1",
"v5.9.0-beta1",
"v5.9.0-beta2",
"v5.9.0-beta3",
"v5.9.0-beta4",
"v5.9.0-rc1",
"v5.9.0-rc2",
"v5.9.1",
"v5.9.2",
"v5.9.3",
"v5.9.4",
"v5.9.5",
"v5.9.6",
"v5.9.7",
"v5.9.8",
"v5.9.9",
"v6.0.0-alpha1",
"v6.0.0-beta1",
"v6.0.0-beta2",
"v6.0.0-beta3",
"v6.0.0-beta4",
"v6.0.0-beta5",
"v6.0.1",
"v6.0.2",
"v6.0.3",
"v6.0.4",
"v6.1.0-alpha1",
"v6.1.0-beta1",
"v6.1.0-beta2",
"v6.1.0-beta3",
"v6.1.2",
"v6.2.0-alpha1",
"v6.2.0-beta1",
"v6.2.0-beta2"
]
}
],
"details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35566\n\n```\nCrash type: UNKNOWN WRITE\nCrash state:\nQOutlineMapper::convertPath\nQRasterPaintEngine::fill\nQPaintEngineEx::stroke\n```\n",
"id": "OSV-2021-903",
"modified": "2023-02-24T02:21:32.965558Z",
"published": "2021-06-27T00:01:31.379142Z",
"references": [
{
"type": "REPORT",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35566"
},
{
"type": "FIX",
"url": "https://codereview.qt-project.org/c/qt/qtbase/+/361724"
}
],
"summary": "UNKNOWN WRITE in QOutlineMapper::convertPath"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…