OESA-2025-1140
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1140
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2025-1140.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2025-1140
- Upstream
- Published
- 2025-02-21T13:35:30Z
- Modified
- 2025-09-03T06:20:20.136040Z
- Summary
- qt5-qtnetworkauth security update
- Details
-
Qt5 - NetworkAuth component
Security Fix(es):
QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.(CVE-2024-36048)
- Database specific
{ "severity": "Critical" }- References
Affected packages
openEuler:24.03-LTS-SP1 / qt5-qtnetworkauth
Package
- Name
- qt5-qtnetworkauth
- Purl
- pkg:rpm/openEuler/qt5-qtnetworkauth&distro=openEuler-24.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.10-2.oe2403sp1
Ecosystem specific
{
"x86_64": [
"qt5-qtnetworkauth-5.15.10-2.oe2403sp1.x86_64.rpm",
"qt5-qtnetworkauth-debuginfo-5.15.10-2.oe2403sp1.x86_64.rpm",
"qt5-qtnetworkauth-debugsource-5.15.10-2.oe2403sp1.x86_64.rpm",
"qt5-qtnetworkauth-devel-5.15.10-2.oe2403sp1.x86_64.rpm",
"qt5-qtnetworkauth-examples-5.15.10-2.oe2403sp1.x86_64.rpm"
],
"aarch64": [
"qt5-qtnetworkauth-5.15.10-2.oe2403sp1.aarch64.rpm",
"qt5-qtnetworkauth-debuginfo-5.15.10-2.oe2403sp1.aarch64.rpm",
"qt5-qtnetworkauth-debugsource-5.15.10-2.oe2403sp1.aarch64.rpm",
"qt5-qtnetworkauth-devel-5.15.10-2.oe2403sp1.aarch64.rpm",
"qt5-qtnetworkauth-examples-5.15.10-2.oe2403sp1.aarch64.rpm"
],
"src": [
"qt5-qtnetworkauth-5.15.10-2.oe2403sp1.src.rpm"
]
}