Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2024-39936

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..

  • Published: Jul 4, 2024
  • Updated: Jul 9, 2024
  • CVE: CVE-2024-39936
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.9
  • AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

Software From Fixed in
qt / qt 6.6.0 6.7.3
qt / qt 6.3.0 6.5.7
qt / qt 6.0.0 6.2.13
qt / qt - 5.15.18