CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39936 – qtbase: qtbase: Delay any communication until encrypted() can be responded to
https://notcve.org/view.php?id=CVE-2024-39936
04 Jul 2024 — An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed.. Se descubrió un problema en HTTP2 en Qt antes de 5.15.18, 6.x antes de 6.2.13, 6.3.x hasta 6.5.x antes de 6.5.7 y 6.6.x hasta 6.7.x antes de 6.7.3. El código para tomar decisiones relevantes para la... • https://codereview.qt-project.org/c/qt/qtbase/+/571601 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-51714 – qt: incorrect integer overflow check
https://notcve.org/view.php?id=CVE-2023-51714
24 Dec 2023 — An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. Se descubrió un problema en la implementación de HTTP2 en Qt antes de 5.15.17, 6.x antes de 6.2.11, 6.3.x hasta 6.5.x antes de 6.5.4 y 6.6.x antes de 6.6.2. network/access/http2/hpacktable.cpp tiene una comprobación de desbordamiento de enteros HPack incorrecta. An integer over... • https://codereview.qt-project.org/c/qt/qtbase/+/524864 • CWE-190: Integer Overflow or Wraparound •