Security advisory: Qt SVG

A recent potential divide by zero in Qt SVG has been reported and has been assigned the CVE id CVE-2023-32573.

In QSvgFont, the m_unitsPerEm variable initialization is mishandled so if a SVG file that uses font-face without units-per-em set is passed to QSvgRenderer to render then it can trigger a division by zero.

Solution: Apply the following patch or update to Qt 5.15.14, Qt 6.2.9 or Qt 6.5.1


Qt 6.5: or
Qt 6.2:
Qt 5.15:

Blog Topics: