Security advisory: Potential Use-After-Free issue in Qt for WebAssembly’s implementation of QNetworkReply

A recently reported potential Use-After-Free issue in Qt’s wasm implementation of QNetworkReply has been assigned the CVE id CVE-2024-30161.

The issue was discovered in Qt versions 6.5.4, 6.5.5, and 6.6.2.

QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly if using the affected versions.

Solution: Apply the following patch or update to Qt 6.5.6 or 6.6.3


Qt 6.6: or
Qt 6.5: or

Blog Topics: