• Developers
  • Learning Hub
    • Learning Hub Developers Price. Buy. Download. Try.
    Subnavigation

    Security advisory: Potential Use-After-Free issue in Qt for WebAssembly’s implementation of QNetworkReply

    April 18, 2024 by Andy Shaw | Comments

    A recently reported potential Use-After-Free issue in Qt’s wasm implementation of QNetworkReply has been assigned the CVE id CVE-2024-30161.

    The issue was discovered in Qt versions 6.5.4, 6.5.5, and 6.6.2.

    QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly if using the affected versions.

    Solution: Apply the following patch or update to Qt 6.5.6 or 6.6.3

    Patches:

    dev: https://codereview.qt-project.org/c/qt/qtbase/+/544314
    Qt 6.6: https://codereview.qt-project.org/c/qt/qtbase/+/548060 or https://download.qt.io/official_releases/qt/6.6/CVE-2024-30161-qtbase-6.6.diff
    Qt 6.5: https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/548490 or https://download.qt.io/official_releases/qt/6.5/CVE-2024-30161-qtbase-6.5.diff

    Blog Topics:

    Comments

    Subscribe to our newsletter

    Subscribe Newsletter

    Try Qt 6.8 Now!

    Download the latest release here: www.qt.io/download.

    Qt 6.8 release focuses on technology trends like spatial computing & XR, complex data visualization in 2D & 3D, and ARM-based development for desktop.

    We're Hiring

    Check out all our open positions here and follow us on Instagram to see what it's like to be #QtPeople.

    Read Next

    Oct 8, 2024

    Qt 6.8 LTS Released!

    We are thrilled to announce the release of Qt 6.8, packed with support for..

    Read Article

    Sep 20, 2024

    Qt Gradle Plugin 1.0 Released

    Qt Gradle Plugin 1.0 (QtGP) build tool has been released. You can include..

    Read Article

    Sep 16, 2024

    Qt Tools for Android Studio 3.0 Released

    We are happy to announce the release of Qt Tools for Android Studio 3.0...

    Read Article

    G2 Leader Fall 2024 Logo
    Contact Us

    Qt Group includes The Qt Company Oy and its global subsidiaries and affiliates.