Msrc Cm1 Qt5-Qtsvg 5.12.11-2 On Cbl Mariner 1.0 vulnerabilities

CVE-2021-38593 [HIGH] CWE-787 Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this v

CVE-2018-21035 [HIGH] CWE-770 In Qt through 5.14.1 the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of servic In Qt through 5.14.1 the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption). FAQ: Is Azure Linux the only Microsoft produ