CVE-2024-38277

{"id": "CVE-2024-38277", "metrics": {}, "published": "2024-06-18T20:15:14.210", "references": [{"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/", "source": "patrick@puiterwijk.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/", "source": "patrick@puiterwijk.org"}, {"url": "https://moodle.org/mod/forum/discuss.php?d=459502", "source": "patrick@puiterwijk.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "description": [{"lang": "en", "value": "CWE-324"}]}], "descriptions": [{"lang": "en", "value": "A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the two."}, {"lang": "es", "value": "Se debe generar una clave \u00fanica para la clave de inicio de sesi\u00f3n QR de un usuario y su clave de inicio de sesi\u00f3n autom\u00e1tico, de modo que la misma clave no se pueda usar indistintamente entre las dos."}], "lastModified": "2024-06-27T03:15:50.370", "sourceIdentifier": "patrick@puiterwijk.org"}