{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-39936", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T04:33:11.513Z", "dateReserved": "2024-07-04T00:00:00", "datePublished": "2024-07-04T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-07-04T20:55:33.298937"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed.."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://codereview.qt-project.org/c/qt/qtbase/+/571601"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:C/UI:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-22T16:46:00.935832Z", "id": "CVE-2024-39936", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-22T16:46:26.342Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.513Z"}, "title": "CVE Program Container", "references": [{"url": "https://codereview.qt-project.org/c/qt/qtbase/+/571601", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://codereview.qt-project.org/c/qt/qtbase/+/571601", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.513Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39936", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-22T16:46:00.935832Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-22T16:46:16.335Z"}}], "cna": {"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:C/UI:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://codereview.qt-project.org/c/qt/qtbase/+/571601"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed.."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-07-04T20:55:33.298937"}}}, "cveMetadata": {"cveId": "CVE-2024-39936", "state": "PUBLISHED", "dateUpdated": "2024-08-02T04:33:11.513Z", "dateReserved": "2024-07-04T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-07-04T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "E12B8628-DB3E-4ED1-9D7F-261C5895F69E", "versionEndExcluding": "5.15.18", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "838DE514-7032-40DC-AF57-1661CB8FAFB5", "versionEndExcluding": "6.2.13", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "E25AAED6-E83F-4CB9-8CE2-428F76942B68", "versionEndExcluding": "6.5.7", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", "matchCriteriaId": "1030EC9F-B558-4FA9-A31D-2053DEA52F3A", "versionEndExcluding": "6.7.3", "versionStartIncluding": "6.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed.."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en HTTP2 en Qt antes de 5.15.18, 6.x antes de 6.2.13, 6.3.x hasta 6.5.x antes de 6.5.7 y 6.6.x hasta 6.7.x antes de 6.7.3. El c\u00f3digo para tomar decisiones relevantes para la seguridad sobre una conexi\u00f3n establecida puede ejecutarse demasiado pronto, porque la se\u00f1al encrypted() a\u00fan no se ha emitido ni procesado."}], "id": "CVE-2024-39936", "lastModified": "2024-11-21T09:28:36.910", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "cve@mitre.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-04T21:15:10.180", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://codereview.qt-project.org/c/qt/qtbase/+/571601"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://codereview.qt-project.org/c/qt/qtbase/+/571601"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:4647", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "qt5-qtbase-0:5.9.7-6.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4617", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtbase-0:5.15.3-8.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4646", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "qt5-qtbase-0:5.12.5-5.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-07-19T00:00:00Z"}, {"advisory": "RHSA-2024:4621", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "qt5-qtbase-0:5.12.5-9.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4621", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "qt5-qtbase-0:5.12.5-9.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4621", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "qt5-qtbase-0:5.12.5-9.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4644", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "qt5-qtbase-0:5.15.2-5.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4644", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "qt5-qtbase-0:5.15.2-5.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4644", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "qt5-qtbase-0:5.15.2-5.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4639", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "qt5-qtbase-0:5.15.3-2.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4623", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "qt5-qtbase-0:5.15.9-10.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:4645", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "qt5-qtbase-0:5.15.2-30.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-07-19T00:00:00Z"}, {"advisory": "RHSA-2024:4638", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "qt5-qtbase-0:5.15.3-2.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-07-18T00:00:00Z"}], "bugzilla": {"description": "qtbase: qtbase: Delay any communication until encrypted() can be responded to", "id": "2295867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295867"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-367", "details": ["An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..", "A vulnerability was found in Qt where, during a TLS connection for servers supporting HTTP2, Qt may send data to a server even if the TLS certificate doesn't match the redirected address. This occurs because Qt fails to validate the certificate against the redirected address, potentially sending data to an incorrect or malicious server."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2024-39936", "public_date": "2024-07-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-39936\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-39936\nhttps://codereview.qt-project.org/c/qt/qtbase/+/571601"], "statement": "This flaw occurs because Qt does not properly validate the certificate against the redirected address, potentially leading to sensitive data being sent to an unintended or malicious server. Given the potential for significant data exposure, this issue is considered important.", "threat_severity": "Important"}