Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-36048

Опубликовано: 18 мая 2024
Источник: debian
EPSS Низкий

Описание

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qtnetworkauth-everywhere-srcfixed5.15.13-3package
qtnetworkauth-everywhere-srcignoredbookwormpackage
qtnetworkauth-everywhere-srcno-dsabullseyepackage
qtnetworkauth-everywhere-srcpostponedbusterpackage
qt6-networkauthfixed6.7.2-2package
qt6-networkauthignoredbookwormpackage

Примечания

  • https://codereview.qt-project.org/c/qt/qtnetworkauth/+/560317 (security fix)

  • https://codereview.qt-project.org/c/qt/qtnetworkauth/+/560368 (followup/finetuning)

EPSS

Процентиль: 39%
0.00172
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-36048

CVSS3: 9.8
ubuntu
больше 1 года назад

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

redhat логотип

CVE-2024-36048

CVSS3: 5.9
redhat
больше 1 года назад

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

nvd логотип

CVE-2024-36048

CVSS3: 9.8
nvd
больше 1 года назад

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

suse-cvrf логотип

openSUSE-SU-2024:0143-1

suse-cvrf
больше 1 года назад

Security update for libqt5-qtnetworkauth

suse-cvrf логотип

openSUSE-SU-2024:0138-1

suse-cvrf
больше 1 года назад

Security update for qt6-networkauth

EPSS

Процентиль: 39%
0.00172
Низкий