Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDF5FA174D-19DE-11EF-83D8-4CCC6ADDA413
HistoryMay 08, 2024 - 12:00 a.m.

QtNetworkAuth -- predictable seeding of PRNG in QAbstractOAuth

2024-05-0800:00:00
vuxml.freebsd.org
6
qtnetworkauth
oauth1
prng
vulnerability
seeding
predictable
nonce
attacker
control
time

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

JSON

Andy Shaw reports:

The OAuth1 implementation in QtNetworkAuth created nonces using
a PRNG that was seeded with a predictable seed.
This means that an attacker that can somehow control the time of
the first OAuth1 flow of the process has a high chance of predicting
the nonce used in said OAuth flow.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchqt5-networkauth< 5.15.13_1UNKNOWN
FreeBSDanynoarchqt6-networkauth< 6.7.1UNKNOWN

Related

mageia 1
fedora 97
openvas 89
nessus 6
cvelist 1
ubuntucve 1
cve 1
qt 1
nvd 1
debiancve 1
mageia
mageia
Updated qtnetworkauth5 & qtnetworkauth6 packages fix security vulnerability
2024-05-29 21:08:09
fedora
fedora
[SECURITY] Fedora 40 Update: qadwaitadecorations-0.1.5-3.fc40
2024-05-29 03:37:20
[SECURITY] Fedora 40 Update: qt6-qtcharts-6.7.1-1.fc40
2024-05-29 03:37:21
[SECURITY] Fedora 40 Update: qt6-qt5compat-6.7.1-1.fc40
2024-05-29 03:37:21
openvas
openvas
Fedora: Security Advisory for qt6 (FEDORA-2024-bfb8617ba3)
2024-06-07 00:00:00
Fedora: Security Advisory for qt6-qtwebsockets (FEDORA-2024-bfb8617ba3)
2024-06-07 00:00:00
Fedora: Security Advisory for qt5-qtwebkit (FEDORA-2024-2e27372d4c)
2024-06-07 00:00:00
nessus
nessus
Fedora 39 : qt5-qtnetworkauth (2024-3936682805)
2024-06-05 00:00:00
Fedora 40 : deepin-qt5integration / deepin-qt5platform-plugins / dwayland / etc (2024-2e27372d4c)
2024-06-05 00:00:00
openSUSE 15 Security Update : qt6-networkauth (openSUSE-SU-2024:0138-1)
2024-05-25 00:00:00
cvelist
cvelist
CVE-2024-36048
2024-05-18 00:00:00
ubuntucve
ubuntucve
CVE-2024-36048
2024-05-18 00:00:00
cve
cve
CVE-2024-36048
2024-05-18 21:15:47
qt
qt
Security advisory: OAuth1 in QtNetworkAuth
2024-05-24 00:00:00
nvd
nvd
CVE-2024-36048
2024-05-18 21:15:47
debiancve
debiancve
CVE-2024-36048
2024-05-18 21:15:47

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

JSON
Related for F5FA174D-19DE-11EF-83D8-4CCC6ADDA413
mageia1fedora97openvas89nessus6cvelist1ubuntucve1cve1qt1nvd1debiancve1