cvedb.io
CVE-2024-39936
HIGH · CVSS 8.6
EPSS exploitation probability: 0%
Published 2024-07-04T21:15:10.180 · Last modified 2026-06-17T07:43:03.900

Summary

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..

Affected products

qt — qt

Does this affect you?

Add your gear to cvedb and we'll alert you only when qt ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.