CVE-2025-5991
Published 2025-06-11
CVE-2025-5991: There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module. This only affects HTTP/2 handling, HTTP handling is not…
Priority: P4 · Severity: low · CVSS 4.0 base score: 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS: 0.12% (percentile: 2.1)
There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module. This only affects HTTP/2 handling; HTTP handling is not affected by this at all. This happens due to a race condition between how QHttp2Stream uploads the body of a POST request and the simultaneous handling of HTTP error responses.
This issue only affects Qt 6.9.0 and has been fixed for Qt 6.9.1.
Affected (10 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | qt6-base | — | — |
| debian | qtbase-opensource-src | — | — |
| debian | qtbase-opensource-src-gles | — | — |
| msrc | azl3_mariadb_10.6.9-6_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_mariadb_10.6.9-4_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| the_qt_company | qt | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 4.0 | 2.1 | LOW | CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| osv | — | 2.1 | LOW | — |
| vendor_msrc | — | 7.5 | HIGH | — |
| vendor_debian | — | 2.1 | LOW | — |
| vendor_redhat | — | 2.1 | LOW | — |
GHSA
GHSA-xv5c-vg59-hj7x: There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module
ghsa_unreviewed · 2025-06-11 · CVE-2025-5991 [LOW] CWE-416
OSV
CVE-2025-5991: There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module
osv · 2025-06-11 · CVSS 2.1 · CVE-2025-5991 [LOW]
Red Hat
qt: Use after free in Qt
vendor_redhat · 2025-06-11 · CVSS 2.1 · CVE-2025-5991 [LOW] CWE-416
A use-after-free vulnerability has been discovered in Qt's QHttp2ProtocolHandler function. This vulnerability only affects HTTP/2 handling and is the result of a race condition between HTTP body and error response handling.
Statement: The specific versions of Qt affected are not shipped in Red Hat products.
Mitigation: Mitigation for this issue is either not available or th
Debian
CVE-2025-5991: qt6-base - There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the Q...
vendor_debian · 2025 · CVSS 2.1 · CVE-2025-5991 [LOW]
Scope: local
bookworm: resolved
forky: resolved
sid: resolved
trixie: resolved
Microsoft
Buffer overread in domain name matching
vendor_msrc · 2024-08-13 · CVSS 7.5 · CVE-2024-5991 [CRITICAL] CWE-125
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries of which the distro is composed. Microsoft is committed to transparency in this work, which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
wolfSSL: wolfSSL
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.c
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.