CVE-2024-36048

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-36048
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36048.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-36048
Downstream
Related
Published
2024-05-18T21:15:47.673Z
Modified
2026-02-04T21:35:11.651654Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

References

Affected packages

Git / github.com/qt/qt5

Affected ranges

Type
GIT
Repo
https://github.com/qt/qt5
Events
Introduced
244fc454356bc9fb31a30692b8645cbfd91dc52c
Fixed
6977d02f6d4b5baf776144bb75948583790b7607
Introduced
1734139bf4629af593e79d247a18f8e511bf7c5e
Fixed
a914bb2a347568eba526abdf95967c2e7ec310a2
Fixed
c59ae95d8aed879768fe09e0de04f693724e6319
Introduced
78410d7e8b7aafdcbb4feea3a943038c7e0a0b5f
Fixed
ddc22d5d868e82f1348523fa64f24d4df58e29b9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36048.json"

Git / github.com/qt/qtbase

Affected ranges

Type
GIT
Repo
https://github.com/qt/qtbase
Events
Introduced
9554d315aa74eaba1726405ee09117e2ebc6111f
Fixed
5d8e9a8415562ba004b38508d91e1fa0254c17d3
Introduced
fc9cda5f08ac848e88f63dd4a07c08b2fbc6bf17
Fixed
8c8e225029a8c1982e04a4a5e3d62f08e84e3d15
Fixed
8e79bee4afa2a1466f360f44fb07d24e432a82a6
Introduced
33f5e985e480283bb0ca9dea5f82643e825ba87c
Fixed
c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85

Database specific

vanir_signatures 
[
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-0cf1020b",
        "target": {
            "file": "tests/auto/gui/kernel/qwindow/tst_foreignwindow.cpp",
            "function": "tst_ForeignWindow::destroyExplicitly"
        },
        "digest": {
            "function_hash": "167710641914584835164638987615464980987",
            "length": 255.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/5d8e9a8415562ba004b38508d91e1fa0254c17d3",
        "id": "CVE-2024-36048-27de3958",
        "target": {
            "file": "src/tools/qlalr/cppgenerator.cpp"
        },
        "digest": {
            "line_hashes": [
                "19558493098812227728671165474361015392",
                "106008374532169155072527926556305774515",
                "188893840817205926988204630655514730863",
                "235179633474731591380608793762610541546"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-3433f5bf",
        "target": {
            "file": "src/plugins/platforms/xcb/qxcbwindow.cpp"
        },
        "digest": {
            "line_hashes": [
                "150320445698472585452359711103017300747",
                "228784429919967287149882555896621883845",
                "296577847816729286036815618586912137908",
                "293740708044199438632626542404706028099",
                "245147283371604809026738141956992108570"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-3aed0601",
        "target": {
            "file": "tests/shared/nativewindow.h"
        },
        "digest": {
            "line_hashes": [
                "284488683758679824838732995531507759190",
                "137384156562249189954597410965423276826",
                "223949202602341188889996243530118959715",
                "156428147933671293219285084319497247749"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/5d8e9a8415562ba004b38508d91e1fa0254c17d3",
        "id": "CVE-2024-36048-40617b24",
        "target": {
            "file": "src/tools/qlalr/cppgenerator.cpp",
            "function": "CppGenerator::copyrightHeader"
        },
        "digest": {
            "function_hash": "136461757324256813282022259417379127365",
            "length": 158.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-4afce0fd",
        "target": {
            "file": "tests/auto/gui/kernel/qwindow/tst_foreignwindow.cpp",
            "function": "tst_ForeignWindow::destroyWhenParentIsDestroyed"
        },
        "digest": {
            "function_hash": "20983207763261539872075793526631137963",
            "length": 461.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-523556a4",
        "target": {
            "file": "tests/shared/nativewindow.h",
            "function": "NativeWindow::parentWinId"
        },
        "digest": {
            "function_hash": "251886366003440757698313607737525806609",
            "length": 235.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-5cfb4c25",
        "target": {
            "file": "src/plugins/platforms/windows/qwindowswindow.cpp",
            "function": "QWindowsForeignWindow::QWindowsForeignWindow"
        },
        "digest": {
            "function_hash": "250516772070905167994963571316013624661",
            "length": 238.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-60b98039",
        "target": {
            "file": "src/gui/kernel/qwindow_p.h"
        },
        "digest": {
            "line_hashes": [
                "255763870131283539416238262527083052562",
                "154290781434968483991591887671502434935",
                "74569841705936854573047932254770923601",
                "270723195833870282506416390078022708435"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-69396c47",
        "target": {
            "file": "tests/auto/gui/kernel/qwindow/tst_foreignwindow.cpp"
        },
        "digest": {
            "line_hashes": [
                "271267143252185474985038563552166048983",
                "304703185827017335069513822157713052213",
                "117739349344470412539153357415096516955",
                "85405678149403526245140560040940334407",
                "282548076780827272515054954826773417203",
                "58636945141286012246812604982755324591",
                "226919422802901910251475876837542119878",
                "57657238509838055209967576852470098414",
                "125396915458609705207129786992095377467",
                "130611596281539227421270101693398704059",
                "161423302330941662624559568809690976628",
                "98745766587119799757734107415124725097",
                "223631395069105247929784425858952995805",
                "224696349237157131722753654134206196555",
                "218466060350931645704801792742619652728",
                "286669364175246423205630997889849974160",
                "155499522296625747483328165178536059847",
                "187306856615574609504397138770280786264",
                "235131350359379400929830233080673380980",
                "183348236376123823417323438027111592996",
                "73908069670223730780283871581003907951",
                "209523599475827730032359635212266084710",
                "109323854446146428432329564228585909623",
                "307271913190766715105776552384876072614",
                "327178978675058488392579593919847543707",
                "278295402547499022294253430384398689489",
                "235668346213930321240866402162382560595",
                "239716182879539760265739827611778490047",
                "160193077348762833855369632908184231270",
                "271339712384314528442862761554943401158",
                "263517721054527747583097021726661914757",
                "334177539483362066157487955768220524580",
                "252667410959370162679768442517420660165"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-6f2b6b29",
        "target": {
            "file": "src/gui/kernel/qwindow.cpp",
            "function": "QWindowPrivate::destroy"
        },
        "digest": {
            "function_hash": "176722929344905443242641945216116209992",
            "length": 1404.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-7a3e94d5",
        "target": {
            "file": "src/gui/kernel/qwindow.cpp",
            "function": "QWindow::fromWinId"
        },
        "digest": {
            "function_hash": "336063707599965201397787498120887207169",
            "length": 463.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-83ab456c",
        "target": {
            "file": "src/gui/kernel/qwindow.cpp"
        },
        "digest": {
            "line_hashes": [
                "170918521822753109722805215684980918371",
                "208900494547661617563751714460267370046",
                "72361635139111024271292197914853792047",
                "296876370931435045398195468025204496532",
                "314588329271105265997394040364548181166",
                "225968566634798766526194628259854332030",
                "197495242586376899286860793700741657745",
                "37764931066808804107608242641882445630",
                "123161753631682005629502020092765198795",
                "127662497201127743309816801617869708966",
                "7456742301097996628237030342816657051",
                "311808879622629141321589447278234192084",
                "33224400154342995976006381824104992882",
                "264303571402420837268788127843935840176",
                "4286483838893697644920445583551222783",
                "215495962327457092015205985936722438580",
                "250759909051104766322651172427407149520",
                "242572804959014945605606592076337298207",
                "66066741872771280887458129748495793889",
                "152204835169387140523345328240925823692",
                "64451311532627355724053563169036360061",
                "228353725361454832350169210217754827285"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-b8966155",
        "target": {
            "file": "src/plugins/platforms/xcb/qxcbwindow.cpp",
            "function": "QXcbForeignWindow::QXcbForeignWindow"
        },
        "digest": {
            "function_hash": "339466499712346323303186085518200592490",
            "length": 385.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-cb3fac34",
        "target": {
            "file": "src/plugins/platforms/windows/qwindowswindow.cpp"
        },
        "digest": {
            "line_hashes": [
                "320163082161638120848969086796738968097",
                "20851984051808150355602232212892830408",
                "22306868943391977493998565180853396387",
                "326924177956679107123828597211693716992",
                "26867001979929416552194252857180725267"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "source": "https://github.com/qt/qtbase/commit/c195fe7d33decbd5ddd47ae46dbf8e0d9c20ba85",
        "id": "CVE-2024-36048-d4ca6a93",
        "target": {
            "file": "src/gui/kernel/qwindow.cpp",
            "function": "QWindowPrivate::create"
        },
        "digest": {
            "function_hash": "199618135588116812246470301302012436158",
            "length": 1427.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36048.json"