Lucene search

MitreCVELIST:CVE-2024-36048

HistoryMay 18, 2024 - 12:00 a.m.

CVE-2024-36048

2024-05-1800:00:00

mitre

www.cve.org

network

authorization

vulnerability

cve-2024-36048

prng

guessable values

AI Score

6.4

Confidence

Low

EPSS

Percentile

15.5%

JSON

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

References

codereview.qt-project.org/c/qt/qtnetworkauth/+/560317

codereview.qt-project.org/c/qt/qtnetworkauth/+/560368

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGB6KUPJFQWUBKXVDPJUMAD6KNJJEWPW/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZOOZZZSK5PNRHFGQMUGUHVYWLILFJCRS/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPHAI3DKDCIU6XLNS6PV6GFS2PHH3GZM/