{"id":"AZL-6832","summary":"CVE-2015-9541 affecting package qt5-qtsvg for versions less than 5.12.11-3","details":"Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.","modified":"2026-04-01T05:21:51.454837Z","published":"2020-01-24T22:15:12Z","upstream":["CVE-2015-9541"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-9541"}],"affected":[{"package":{"name":"qt5-qtsvg","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/qt5-qtsvg"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.12.11-3"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-6832.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}