{"id":"CVE-2015-9541","details":"Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.","modified":"2026-04-10T03:46:37.516813Z","published":"2020-01-24T22:15:12Z","related":["ALSA-2020:4690","MGASA-2020-0192"],"references":[{"type":"ADVISORY","url":"https://bugreports.qt.io/browse/QTBUG-47417"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PT6327C64Q4RBFRWUSBKCG7SVGBWU5W/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZMMF4OEJAZRVKVXNO7IZWLEZVQGJN6G/"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}