Early Execution of Security-Relevant Decisions in HTTP2 Could Lead to Security Risks
CVE-2024-39936
8.6HIGH
What is CVE-2024-39936?
A vulnerability exists in the HTTP2 implementation of Qt, where security-relevant decisions regarding established connections may be prematurely executed. This issue arises because the critical 'encrypted()' signal has not yet been emitted and processed, potentially exposing a window for malicious activity. Developers using the affected versions of Qt should prioritize upgrading to secure the integrity of their connections.
