libQt5Pdf5-5.15.19-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:16593 Final 1 1 2025-09-06T00:00:00Z current 2025-09-06T00:00:00Z 2025-09-06T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libQt5Pdf5-5.15.19-1.1 on GA media These are all security issues fixed in the libQt5Pdf5-5.15.19-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-16593 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-10229/ SUSE CVE CVE-2024-10229 page https://www.suse.com/security/cve/CVE-2024-10827/ SUSE CVE CVE-2024-10827 page https://www.suse.com/security/cve/CVE-2024-11477/ SUSE CVE CVE-2024-11477 page https://www.suse.com/security/cve/CVE-2024-12694/ SUSE CVE CVE-2024-12694 page https://www.suse.com/security/cve/CVE-2024-55549/ SUSE CVE CVE-2024-55549 page https://www.suse.com/security/cve/CVE-2025-0436/ SUSE CVE CVE-2025-0436 page https://www.suse.com/security/cve/CVE-2025-0762/ SUSE CVE CVE-2025-0762 page https://www.suse.com/security/cve/CVE-2025-0996/ SUSE CVE CVE-2025-0996 page https://www.suse.com/security/cve/CVE-2025-0999/ SUSE CVE CVE-2025-0999 page https://www.suse.com/security/cve/CVE-2025-1426/ SUSE CVE CVE-2025-1426 page https://www.suse.com/security/cve/CVE-2025-1919/ SUSE CVE CVE-2025-1919 page https://www.suse.com/security/cve/CVE-2025-2136/ SUSE CVE CVE-2025-2136 page https://www.suse.com/security/cve/CVE-2025-24201/ SUSE CVE CVE-2025-24201 page https://www.suse.com/security/cve/CVE-2025-24855/ SUSE CVE CVE-2025-24855 page https://www.suse.com/security/cve/CVE-2025-2783/ SUSE CVE CVE-2025-2783 page https://www.suse.com/security/cve/CVE-2025-3619/ SUSE CVE CVE-2025-3619 page openSUSE Tumbleweed libQt5Pdf5-5.15.19-1.1 libQt5PdfWidgets5-5.15.19-1.1 libqt5-qtpdf-devel-5.15.19-1.1 libqt5-qtpdf-examples-5.15.19-1.1 libqt5-qtpdf-imports-5.15.19-1.1 libqt5-qtpdf-private-headers-devel-5.15.19-1.1 libqt5-qtwebengine-5.15.19-1.1 libqt5-qtwebengine-devel-5.15.19-1.1 libqt5-qtwebengine-examples-5.15.19-1.1 libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 libQt5Pdf5-5.15.19-1.1 as a component of openSUSE Tumbleweed libQt5PdfWidgets5-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-devel-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-examples-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-imports-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-private-headers-devel-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-devel-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-examples-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 as a component of openSUSE Tumbleweed Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) CVE-2024-10229 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-10229.html CVE-2024-10229 https://bugzilla.suse.com/1232060 SUSE Bug 1232060 Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-10827 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-10827.html CVE-2024-10827 https://bugzilla.suse.com/1232843 SUSE Bug 1232843 7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346. CVE-2024-11477 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-11477.html CVE-2024-11477 https://bugzilla.suse.com/1233581 SUSE Bug 1233581 Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2024-12694 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-12694.html CVE-2024-12694 https://bugzilla.suse.com/1234704 SUSE Bug 1234704 xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes. CVE-2024-55549 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-55549.html CVE-2024-55549 https://bugzilla.suse.com/1239637 SUSE Bug 1239637 Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2025-0436 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-0436.html CVE-2025-0436 https://bugzilla.suse.com/1235892 SUSE Bug 1235892 Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) CVE-2025-0762 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-0762.html CVE-2025-0762 https://bugzilla.suse.com/1236586 SUSE Bug 1236586 Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) CVE-2025-0996 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-0996.html CVE-2025-0996 https://bugzilla.suse.com/1237121 SUSE Bug 1237121 Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2025-0999 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-0999.html CVE-2025-0999 https://bugzilla.suse.com/1237343 SUSE Bug 1237343 Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2025-1426 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-1426.html CVE-2025-1426 https://bugzilla.suse.com/1237343 SUSE Bug 1237343 Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) CVE-2025-1919 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-1919.html CVE-2025-1919 https://bugzilla.suse.com/1238575 SUSE Bug 1238575 Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2025-2136 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-2136.html CVE-2025-2136 https://bugzilla.suse.com/1239216 SUSE Bug 1239216 An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.). CVE-2025-24201 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-24201.html CVE-2025-24201 https://bugzilla.suse.com/1239547 SUSE Bug 1239547 numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. CVE-2025-24855 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-24855.html CVE-2025-24855 https://bugzilla.suse.com/1239625 SUSE Bug 1239625 Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) CVE-2025-2783 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-2783.html CVE-2025-2783 https://bugzilla.suse.com/1240084 SUSE Bug 1240084 Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CVE-2025-3619 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-3619.html CVE-2025-3619 https://bugzilla.suse.com/1241288 SUSE Bug 1241288