Home

Description

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

PUBLISHED Reserved 2024-05-18 | Published 2024-05-18 | Updated 2024-08-08 | Assigner mitre

References

codereview.qt-project.org/c/qt/qtnetworkauth/+/560317

codereview.qt-project.org/c/qt/qtnetworkauth/+/560368

lists.fedoraproject.org/...RGB6KUPJFQWUBKXVDPJUMAD6KNJJEWPW/ (FEDORA-2024-3936682805) vendor-advisory

lists.fedoraproject.org/...ZPHAI3DKDCIU6XLNS6PV6GFS2PHH3GZM/ (FEDORA-2024-bfb8617ba3) vendor-advisory

lists.fedoraproject.org/...ZOOZZZSK5PNRHFGQMUGUHVYWLILFJCRS/ (FEDORA-2024-2e27372d4c) vendor-advisory

cve.org (CVE-2024-36048)

nvd.nist.gov (CVE-2024-36048)

Download JSON