Rapid7 Vulnerability & Exploit Database

Amazon Linux AMI 2: CVE-2024-39936: Security patch for qt5, qt5-qt3d, qt5-qtbase, qt5-qtcanvas3d, qt5-qtconnectivity, qt5-qtdeclarative, qt5-qtgraphicaleffects, qt5-qtimageformats, qt5-qtlocation, qt5-qtmultimedia, qt5-qtquickcontrols, qt5-qtscript, qt5-qtsensors, qt5-qtserialport, qt5-qtsvg, qt5-qttools, qt5-qtwebchannel, qt5-qtwebsockets, qt5-qtx11extras, qt5-qtxmlpatterns (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Amazon Linux AMI 2: CVE-2024-39936: Security patch for qt5, qt5-qt3d, qt5-qtbase, qt5-qtcanvas3d, qt5-qtconnectivity, qt5-qtdeclarative, qt5-qtgraphicaleffects, qt5-qtimageformats, qt5-qtlocation, qt5-qtmultimedia, qt5-qtquickcontrols, qt5-qtscript, qt5-qtsensors, qt5-qtserialport, qt5-qtsvg, qt5-qttools, qt5-qtwebchannel, qt5-qtwebsockets, qt5-qtx11extras, qt5-qtxmlpatterns (Multiple Advisories)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
07/04/2024
Created
11/05/2024
Added
11/04/2024
Modified
11/04/2024

Description

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..

Solution(s)

  • amazon-linux-ami-2-upgrade-qt5
  • amazon-linux-ami-2-upgrade-qt5-assistant
  • amazon-linux-ami-2-upgrade-qt5-designer
  • amazon-linux-ami-2-upgrade-qt5-devel
  • amazon-linux-ami-2-upgrade-qt5-doctools
  • amazon-linux-ami-2-upgrade-qt5-linguist
  • amazon-linux-ami-2-upgrade-qt5-qdbusviewer
  • amazon-linux-ami-2-upgrade-qt5-qt3d
  • amazon-linux-ami-2-upgrade-qt5-qt3d-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qt3d-devel
  • amazon-linux-ami-2-upgrade-qt5-qt3d-examples
  • amazon-linux-ami-2-upgrade-qt5-qtbase
  • amazon-linux-ami-2-upgrade-qt5-qtbase-common
  • amazon-linux-ami-2-upgrade-qt5-qtbase-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtbase-devel
  • amazon-linux-ami-2-upgrade-qt5-qtbase-examples
  • amazon-linux-ami-2-upgrade-qt5-qtbase-gui
  • amazon-linux-ami-2-upgrade-qt5-qtbase-mysql
  • amazon-linux-ami-2-upgrade-qt5-qtbase-odbc
  • amazon-linux-ami-2-upgrade-qt5-qtbase-postgresql
  • amazon-linux-ami-2-upgrade-qt5-qtbase-private-devel
  • amazon-linux-ami-2-upgrade-qt5-qtbase-static
  • amazon-linux-ami-2-upgrade-qt5-qtcanvas3d
  • amazon-linux-ami-2-upgrade-qt5-qtcanvas3d-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtcanvas3d-examples
  • amazon-linux-ami-2-upgrade-qt5-qtconnectivity
  • amazon-linux-ami-2-upgrade-qt5-qtconnectivity-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtconnectivity-devel
  • amazon-linux-ami-2-upgrade-qt5-qtconnectivity-examples
  • amazon-linux-ami-2-upgrade-qt5-qtdeclarative
  • amazon-linux-ami-2-upgrade-qt5-qtdeclarative-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtdeclarative-devel
  • amazon-linux-ami-2-upgrade-qt5-qtdeclarative-examples
  • amazon-linux-ami-2-upgrade-qt5-qtdeclarative-static
  • amazon-linux-ami-2-upgrade-qt5-qtgraphicaleffects
  • amazon-linux-ami-2-upgrade-qt5-qtgraphicaleffects-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtimageformats
  • amazon-linux-ami-2-upgrade-qt5-qtimageformats-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtlocation
  • amazon-linux-ami-2-upgrade-qt5-qtlocation-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtlocation-devel
  • amazon-linux-ami-2-upgrade-qt5-qtlocation-examples
  • amazon-linux-ami-2-upgrade-qt5-qtmultimedia
  • amazon-linux-ami-2-upgrade-qt5-qtmultimedia-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtmultimedia-devel
  • amazon-linux-ami-2-upgrade-qt5-qtmultimedia-examples
  • amazon-linux-ami-2-upgrade-qt5-qtquickcontrols
  • amazon-linux-ami-2-upgrade-qt5-qtquickcontrols-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtquickcontrols-examples
  • amazon-linux-ami-2-upgrade-qt5-qtscript
  • amazon-linux-ami-2-upgrade-qt5-qtscript-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtscript-devel
  • amazon-linux-ami-2-upgrade-qt5-qtscript-examples
  • amazon-linux-ami-2-upgrade-qt5-qtsensors
  • amazon-linux-ami-2-upgrade-qt5-qtsensors-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtsensors-devel
  • amazon-linux-ami-2-upgrade-qt5-qtsensors-examples
  • amazon-linux-ami-2-upgrade-qt5-qtserialport
  • amazon-linux-ami-2-upgrade-qt5-qtserialport-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtserialport-devel
  • amazon-linux-ami-2-upgrade-qt5-qtserialport-examples
  • amazon-linux-ami-2-upgrade-qt5-qtsvg
  • amazon-linux-ami-2-upgrade-qt5-qtsvg-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtsvg-devel
  • amazon-linux-ami-2-upgrade-qt5-qtsvg-examples
  • amazon-linux-ami-2-upgrade-qt5-qttools
  • amazon-linux-ami-2-upgrade-qt5-qttools-common
  • amazon-linux-ami-2-upgrade-qt5-qttools-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qttools-devel
  • amazon-linux-ami-2-upgrade-qt5-qttools-examples
  • amazon-linux-ami-2-upgrade-qt5-qttools-libs-designer
  • amazon-linux-ami-2-upgrade-qt5-qttools-libs-designercomponents
  • amazon-linux-ami-2-upgrade-qt5-qttools-libs-help
  • amazon-linux-ami-2-upgrade-qt5-qttools-static
  • amazon-linux-ami-2-upgrade-qt5-qtwebchannel
  • amazon-linux-ami-2-upgrade-qt5-qtwebchannel-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtwebchannel-devel
  • amazon-linux-ami-2-upgrade-qt5-qtwebchannel-examples
  • amazon-linux-ami-2-upgrade-qt5-qtwebsockets
  • amazon-linux-ami-2-upgrade-qt5-qtwebsockets-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtwebsockets-devel
  • amazon-linux-ami-2-upgrade-qt5-qtwebsockets-examples
  • amazon-linux-ami-2-upgrade-qt5-qtx11extras
  • amazon-linux-ami-2-upgrade-qt5-qtx11extras-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtx11extras-devel
  • amazon-linux-ami-2-upgrade-qt5-qtxmlpatterns
  • amazon-linux-ami-2-upgrade-qt5-qtxmlpatterns-debuginfo
  • amazon-linux-ami-2-upgrade-qt5-qtxmlpatterns-devel
  • amazon-linux-ami-2-upgrade-qt5-qtxmlpatterns-examples
  • amazon-linux-ami-2-upgrade-qt5-rpm-macros
  • amazon-linux-ami-2-upgrade-qt5-srpm-macros

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;