{"id":"CVE-2015-9541","details":"Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.","modified":"2026-04-16T00:01:19.908508338Z","published":"2020-01-24T22:15:12Z","withdrawn":"2026-01-27T04:15:21.352086Z","related":["ALSA-2020:4690"],"references":[{"type":"ADVISORY","url":"https://bugreports.qt.io/browse/QTBUG-47417"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PT6327C64Q4RBFRWUSBKCG7SVGBWU5W/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZMMF4OEJAZRVKVXNO7IZWLEZVQGJN6G/"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}