• Developers
    • Developers Price. Buy. Download. Try.
    Subnavigation

    Security advisory: Potential Use-After-Free issue in Qt for WebAssembly’s implementation of QNetworkReply

    April 18, 2024 by Andy Shaw | Comments

    A recently reported potential Use-After-Free issue in Qt’s wasm implementation of QNetworkReply has been assigned the CVE id CVE-2024-30161.

    The issue was discovered in Qt versions 6.5.4, 6.5.5, and 6.6.2.

    QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly if using the affected versions.

    Solution: Apply the following patch or update to Qt 6.5.6 or 6.6.3

    Patches:

    dev: https://codereview.qt-project.org/c/qt/qtbase/+/544314
    Qt 6.6: https://codereview.qt-project.org/c/qt/qtbase/+/548060 or https://download.qt.io/official_releases/qt/6.6/CVE-2024-30161-qtbase-6.6.diff
    Qt 6.5: https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/548490 or https://download.qt.io/official_releases/qt/6.5/CVE-2024-30161-qtbase-6.5.diff

    Blog Topics:

    Comments

    Subscribe to our newsletter

    Subscribe Newsletter

    Try Qt 6.7 Now!

    Download the latest release here: www.qt.io/download.

    Qt 6.7 focuses on the expansion of supported platforms and industry standards. This makes code written with Qt more sustainable and brings more value in Qt as a long-term investment.

    We're Hiring

    Check out all our open positions here and follow us on Instagram to see what it's like to be #QtPeople.

    Read Next

    Apr 29, 2024

    Qt Visual Studio Tools 3.2.0 Released

    We are happy to announce the release of the Qt Visual Studio Tools version..

    Read Article

    Feb 15, 2024

    Security advisory: Potential Buffer Overflow when reading KTX images

    A recently reported potential buffer overflow issue in Qt’s KTX’s image..

    Read Article

    Jan 2, 2024

    Security advisory: Potential Integer Overflow in Qt's HTTP2 implementation

    A recently reported potential integer overflow issue in Qt’s HTTP2..

    Read Article

    G2 Leader Winter 2024 Logo
    Contact Us

    Qt Group includes The Qt Company Oy and its global subsidiaries and affiliates.