{"schema_version": "1.7.0", "id": "RLSA-2025:19772", "modified": "2025-11-06T09:10:47.346770Z", "published": "2025-11-06T09:08:39.416791Z", "upstream": ["CVE-2025-10729"], "summary": "Important: qt6-qtsvg security update", "details": "Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices.\n\nSecurity Fix(es):\n\n* qtsvg: Use-after-free vulnerability in Qt SVG (CVE-2025-10729)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}], "affected": [{"package": {"ecosystem": "Rocky Linux:10", "name": "qt6-qtsvg", "purl": "pkg:rpm/rocky-linux/qt6-qtsvg?distro=rocky-linux-10-0&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:6.8.1-1.el10_0.1"}], "database_specific": {"yum_repository": "AppStream"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2025:19772"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401241"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}