UBUNTU-CVE-2024-36048
- Source
- https://ubuntu.com/security/CVE-2024-36048
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-36048.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-36048
- Upstream
- Published
- 2024-05-18T21:15:00Z
- Modified
- 2025-07-14T06:46:44.599357Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- - medium
- Summary
- [none]
- Details
-
QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.
- References
Affected packages
Ubuntu:Pro:20.04:LTS / qtnetworkauth-everywhere-src
Package
- Name
- qtnetworkauth-everywhere-src
- Purl
- pkg:deb/ubuntu/qtnetworkauth-everywhere-src@5.12.8-0ubuntu1?arch=source&distro=esm-apps/focal
Ubuntu:22.04:LTS / qtnetworkauth-everywhere-src
Package
- Name
- qtnetworkauth-everywhere-src
- Purl
- pkg:deb/ubuntu/qtnetworkauth-everywhere-src@5.15.3-1?arch=source&distro=jammy
Ubuntu:24.04:LTS / qtnetworkauth-everywhere-src
Package
- Name
- qtnetworkauth-everywhere-src
- Purl
- pkg:deb/ubuntu/qtnetworkauth-everywhere-src@5.15.13-1?arch=source&distro=noble