ALT Vulnerability
This commit is contained in:
parent
c01e441d65
commit
6ce5edd038
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -161,10 +161,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02665",
|
||||
@ -186,12 +186,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03175",
|
||||
|
||||
@ -69,12 +69,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00284",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-200, CWE-347",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00284",
|
||||
"Impact": "Low",
|
||||
"Public": "20201002"
|
||||
"Public": "20201001"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03938",
|
||||
|
||||
@ -180,10 +180,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03088",
|
||||
@ -196,12 +196,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03177",
|
||||
|
||||
@ -59,12 +59,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2022-04733",
|
||||
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-04733",
|
||||
"Impact": "High",
|
||||
"Public": "20220704"
|
||||
"Public": "20220703"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-05829",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -146,10 +146,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03088",
|
||||
@ -162,12 +162,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03177",
|
||||
|
||||
@ -206,10 +206,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03088",
|
||||
@ -222,12 +222,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03177",
|
||||
|
||||
@ -224,21 +224,21 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00284",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-200, CWE-347",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00284",
|
||||
"Impact": "Low",
|
||||
"Public": "20201002"
|
||||
"Public": "20201001"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02665",
|
||||
@ -260,12 +260,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03175",
|
||||
|
||||
@ -224,21 +224,21 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00284",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-200, CWE-347",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00284",
|
||||
"Impact": "Low",
|
||||
"Public": "20201002"
|
||||
"Public": "20201001"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02665",
|
||||
@ -260,12 +260,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03175",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -196,10 +196,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03088",
|
||||
@ -212,12 +212,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03177",
|
||||
|
||||
@ -1257,12 +1257,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-02325",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||||
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-02325",
|
||||
"Impact": "Low",
|
||||
"Public": "20220214"
|
||||
"Public": "20211210"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-02328",
|
||||
|
||||
@ -54,12 +54,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2022-04733",
|
||||
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-04733",
|
||||
"Impact": "High",
|
||||
"Public": "20220704"
|
||||
"Public": "20220703"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -54,12 +54,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2022-04733",
|
||||
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-04733",
|
||||
"Impact": "High",
|
||||
"Public": "20220704"
|
||||
"Public": "20220703"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -69,12 +69,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2022-04733",
|
||||
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-04733",
|
||||
"Impact": "High",
|
||||
"Public": "20220704"
|
||||
"Public": "20220703"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-05829",
|
||||
|
||||
@ -173,12 +173,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-04733",
|
||||
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-04733",
|
||||
"Impact": "High",
|
||||
"Public": "20220704"
|
||||
"Public": "20220703"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-05794",
|
||||
|
||||
@ -681,12 +681,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-04733",
|
||||
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-04733",
|
||||
"Impact": "High",
|
||||
"Public": "20220704"
|
||||
"Public": "20220703"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-04878",
|
||||
|
||||
@ -114,12 +114,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2020-05481",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-284",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-05481",
|
||||
"Impact": "Low",
|
||||
"Public": "20200424"
|
||||
"Public": "20201110"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05482",
|
||||
|
||||
@ -1785,12 +1785,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-02325",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||||
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-02325",
|
||||
"Impact": "Low",
|
||||
"Public": "20220214"
|
||||
"Public": "20211210"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-02328",
|
||||
|
||||
@ -3377,12 +3377,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-02325",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||||
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-02325",
|
||||
"Impact": "Low",
|
||||
"Public": "20220214"
|
||||
"Public": "20211210"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-02328",
|
||||
@ -3827,12 +3827,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-04733",
|
||||
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-04733",
|
||||
"Impact": "High",
|
||||
"Public": "20220704"
|
||||
"Public": "20220703"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-04878",
|
||||
@ -5326,7 +5326,7 @@
|
||||
"CWE": "CWE-125",
|
||||
"Href": "https://bdu.fstec.ru/vul/2023-03728",
|
||||
"Impact": "Low",
|
||||
"Public": "20230419"
|
||||
"Public": "20220905"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2023-03780",
|
||||
|
||||
@ -179,12 +179,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2019-02780",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200",
|
||||
"CWE": "CWE-200, CWE-908",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-02780",
|
||||
"Impact": "Low",
|
||||
"Public": "20190515"
|
||||
"Public": "20190510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-03092",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -90,7 +90,7 @@
|
||||
"Source": "CVE"
|
||||
}
|
||||
],
|
||||
"Description": "This update upgrades libvirt to version 5.4.0-alt2. \nSecurity Fix(es):\n\n * BDU:2019-01957: Уязвимость процессоров Intel, связанная с микроархитектурной выборкой данных некэшируемой памяти, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01958: Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-01959: Уязвимость процессоров Intel, связанная с восстановлением содержимого буферов заполнения, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01960: Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-02856: Уязвимость модулей virtlockd-admin.socket и virtlogd-admin.socket библиотеки управления виртуализацией Libvirt, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2021-03397: Уязвимость библиотеки управления виртуализацией Libvirt, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании\n\n * CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-10132: A vulnerability was found in libvirt \u003e= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.\n\n * CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-3886: An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.",
|
||||
"Description": "This update upgrades libvirt to version 5.4.0-alt2. \nSecurity Fix(es):\n\n * BDU:2019-01957: Уязвимость процессоров Intel, связанная с микроархитектурной выборкой данных некэшируемой памяти (MDSUM), позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01958: Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-01959: Уязвимость процессоров Intel, связанная с восстановлением содержимого буферов заполнения (MFBDS), позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01960: Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-02856: Уязвимость модулей virtlockd-admin.socket и virtlogd-admin.socket библиотеки управления виртуализацией Libvirt, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2021-03397: Уязвимость библиотеки управления виртуализацией Libvirt, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании\n\n * CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-10132: A vulnerability was found in libvirt \u003e= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.\n\n * CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-3886: An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.",
|
||||
"Advisory": {
|
||||
"From": "errata.altlinux.org",
|
||||
"Severity": "High",
|
||||
@ -104,12 +104,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2019-01957",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"CWE": "CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01957",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01958",
|
||||
@ -122,21 +122,21 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01959",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200, CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01959",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01960",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200, CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01960",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-02856",
|
||||
|
||||
@ -229,12 +229,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00294",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00294",
|
||||
"Impact": "High",
|
||||
"Public": "20191203"
|
||||
"Public": "20190319"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00360",
|
||||
@ -247,12 +247,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00367",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00367",
|
||||
"Impact": "Low",
|
||||
"Public": "20190306"
|
||||
"Public": "20190319"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01602",
|
||||
@ -265,12 +265,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02919",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CVSS": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02919",
|
||||
"Impact": "Low",
|
||||
"Public": "20190603"
|
||||
"Public": "20190602"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-06329",
|
||||
|
||||
@ -80,7 +80,7 @@
|
||||
"Source": "CVE"
|
||||
}
|
||||
],
|
||||
"Description": "This update upgrades kernel-image-std-debug to version 4.19.49-alt1. \nSecurity Fix(es):\n\n * BDU:2019-01957: Уязвимость процессоров Intel, связанная с микроархитектурной выборкой данных некэшируемой памяти, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01958: Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-01959: Уязвимость процессоров Intel, связанная с восстановлением содержимого буферов заполнения, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01960: Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-02780: Уязвимость файла fs/ext4/extents.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11833: fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.",
|
||||
"Description": "This update upgrades kernel-image-std-debug to version 4.19.49-alt1. \nSecurity Fix(es):\n\n * BDU:2019-01957: Уязвимость процессоров Intel, связанная с микроархитектурной выборкой данных некэшируемой памяти (MDSUM), позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01958: Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-01959: Уязвимость процессоров Intel, связанная с восстановлением содержимого буферов заполнения (MFBDS), позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01960: Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-02780: Уязвимость файла fs/ext4/extents.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11833: fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.",
|
||||
"Advisory": {
|
||||
"From": "errata.altlinux.org",
|
||||
"Severity": "Low",
|
||||
@ -94,12 +94,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2019-01957",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"CWE": "CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01957",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01958",
|
||||
@ -112,30 +112,30 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01959",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200, CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01959",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01960",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200, CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01960",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-02780",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200",
|
||||
"CWE": "CWE-200, CWE-908",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-02780",
|
||||
"Impact": "Low",
|
||||
"Public": "20190515"
|
||||
"Public": "20190510"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -90,7 +90,7 @@
|
||||
"Source": "CVE"
|
||||
}
|
||||
],
|
||||
"Description": "This update upgrades kernel-image-std-def to version 4.19.49-alt1. \nSecurity Fix(es):\n\n * BDU:2019-01957: Уязвимость процессоров Intel, связанная с микроархитектурной выборкой данных некэшируемой памяти, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01958: Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-01959: Уязвимость процессоров Intel, связанная с восстановлением содержимого буферов заполнения, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01960: Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-02780: Уязвимость файла fs/ext4/extents.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2020-02044: Уязвимость функции brcmf_wowl_nd_results драйвер Broadcom brcmfmac WiFi ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11833: fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.\n\n * CVE-2019-9500: The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.",
|
||||
"Description": "This update upgrades kernel-image-std-def to version 4.19.49-alt1. \nSecurity Fix(es):\n\n * BDU:2019-01957: Уязвимость процессоров Intel, связанная с микроархитектурной выборкой данных некэшируемой памяти (MDSUM), позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01958: Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-01959: Уязвимость процессоров Intel, связанная с восстановлением содержимого буферов заполнения (MFBDS), позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01960: Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-02780: Уязвимость файла fs/ext4/extents.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2020-02044: Уязвимость функции brcmf_wowl_nd_results драйвер Broadcom brcmfmac WiFi ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11833: fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.\n\n * CVE-2019-9500: The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.",
|
||||
"Advisory": {
|
||||
"From": "errata.altlinux.org",
|
||||
"Severity": "High",
|
||||
@ -104,12 +104,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2019-01957",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"CWE": "CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01957",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01958",
|
||||
@ -122,30 +122,30 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01959",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200, CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01959",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01960",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200, CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01960",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-02780",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200",
|
||||
"CWE": "CWE-200, CWE-908",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-02780",
|
||||
"Impact": "Low",
|
||||
"Public": "20190515"
|
||||
"Public": "20190510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02044",
|
||||
|
||||
@ -80,7 +80,7 @@
|
||||
"Source": "CVE"
|
||||
}
|
||||
],
|
||||
"Description": "This update upgrades kernel-image-std-pae to version 4.19.49-alt1. \nSecurity Fix(es):\n\n * BDU:2019-01957: Уязвимость процессоров Intel, связанная с микроархитектурной выборкой данных некэшируемой памяти, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01958: Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-01959: Уязвимость процессоров Intel, связанная с восстановлением содержимого буферов заполнения, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01960: Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-02780: Уязвимость файла fs/ext4/extents.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11833: fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.",
|
||||
"Description": "This update upgrades kernel-image-std-pae to version 4.19.49-alt1. \nSecurity Fix(es):\n\n * BDU:2019-01957: Уязвимость процессоров Intel, связанная с микроархитектурной выборкой данных некэшируемой памяти (MDSUM), позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01958: Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-01959: Уязвимость процессоров Intel, связанная с восстановлением содержимого буферов заполнения (MFBDS), позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2019-01960: Уязвимость буфера данных MSBDS микропрограммного обеспечения Intel, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2019-02780: Уязвимость файла fs/ext4/extents.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf\n\n * CVE-2019-11833: fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.",
|
||||
"Advisory": {
|
||||
"From": "errata.altlinux.org",
|
||||
"Severity": "Low",
|
||||
@ -94,12 +94,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2019-01957",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"CWE": "CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01957",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01958",
|
||||
@ -112,30 +112,30 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01959",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200, CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01959",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-01960",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:H/Au:N/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200, CWE-203, CWE-385",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-01960",
|
||||
"Impact": "Low",
|
||||
"Public": "20190517"
|
||||
"Public": "20190306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-02780",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200",
|
||||
"CWE": "CWE-200, CWE-908",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-02780",
|
||||
"Impact": "Low",
|
||||
"Public": "20190515"
|
||||
"Public": "20190510"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -99,10 +99,10 @@
|
||||
"ID": "BDU:2020-02385",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-399, CWE-400",
|
||||
"CWE": "CWE-399, CWE-400, CWE-401",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02385",
|
||||
"Impact": "Low",
|
||||
"Public": "20190829"
|
||||
"Public": "20190529"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -151,12 +151,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-02780",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200",
|
||||
"CWE": "CWE-200, CWE-908",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-02780",
|
||||
"Impact": "Low",
|
||||
"Public": "20190515"
|
||||
"Public": "20190510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-02782",
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"Source": "CVE"
|
||||
}
|
||||
],
|
||||
"Description": "This update upgrades kernel-image-std-def to version 4.19.59-alt1. \nSecurity Fix(es):\n\n * BDU:2019-02927: Уязвимость функции mwifiex_update_bss_desc_with_ie ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии, вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2020-01593: Уязвимость функции mwifiex_uap_parse_tail_ies ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2020-01891: Уязвимость функции ptrace_link ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии\n\n * CVE-2019-10126: A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.\n\n * CVE-2019-13272: In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.\n\n * CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.",
|
||||
"Description": "This update upgrades kernel-image-std-def to version 4.19.59-alt1. \nSecurity Fix(es):\n\n * BDU:2019-02927: Уязвимость функции mwifiex_update_bss_desc_with_ie ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии, вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2020-01593: Уязвимость функции mwifiex_uap_parse_tail_ies ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2020-01891: Уязвимость функции ptrace_link ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии\n\n * CVE-2019-10126: A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.\n\n * CVE-2019-13272: In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.\n\n * CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.",
|
||||
"Advisory": {
|
||||
"From": "errata.altlinux.org",
|
||||
"Severity": "Critical",
|
||||
@ -83,21 +83,21 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01593",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-119, CWE-122",
|
||||
"CWE": "CWE-119, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01593",
|
||||
"Impact": "Critical",
|
||||
"Public": "20190614"
|
||||
"Public": "20190601"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01891",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-264",
|
||||
"CWE": "CWE-264, CWE-269",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01891",
|
||||
"Impact": "High",
|
||||
"Public": "20190704"
|
||||
"Public": "20190705"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -440,12 +440,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-02780",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200",
|
||||
"CWE": "CWE-200, CWE-908",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-02780",
|
||||
"Impact": "Low",
|
||||
"Public": "20190515"
|
||||
"Public": "20190510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-02915",
|
||||
@ -530,12 +530,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00294",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00294",
|
||||
"Impact": "High",
|
||||
"Public": "20191203"
|
||||
"Public": "20190319"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00303",
|
||||
@ -611,12 +611,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00367",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00367",
|
||||
"Impact": "Low",
|
||||
"Public": "20190306"
|
||||
"Public": "20190319"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00844",
|
||||
@ -638,12 +638,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01064",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-787",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01064",
|
||||
"Impact": "High",
|
||||
"Public": "20191127"
|
||||
"Impact": "Low",
|
||||
"Public": "20190409"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01077",
|
||||
@ -652,7 +652,7 @@
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01077",
|
||||
"Impact": "Low",
|
||||
"Public": "20191127"
|
||||
"Public": "20190924"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01602",
|
||||
@ -665,12 +665,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02919",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CVSS": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02919",
|
||||
"Impact": "Low",
|
||||
"Public": "20190603"
|
||||
"Public": "20190602"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-06329",
|
||||
|
||||
@ -105,7 +105,7 @@
|
||||
"Source": "CVE"
|
||||
}
|
||||
],
|
||||
"Description": "This update upgrades kernel-image-un-def to version 5.1.18-alt1. \nSecurity Fix(es):\n\n * BDU:2019-02507: Уязвимость компонента arch/powerpc/mm/mmu_context_book3s64.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к содержимому памяти или вызвать повреждение памяти других процессов в системе\n\n * BDU:2019-02777: Уязвимость функции do_hidp_sock_ioctl ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-02927: Уязвимость функции mwifiex_update_bss_desc_with_ie ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии, вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2019-03087: Уязвимость драйвера sound/usb/line6/pcm.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-01593: Уязвимость функции mwifiex_uap_parse_tail_ies ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2020-01891: Уязвимость функции ptrace_link ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии\n\n * BDU:2020-02385: Уязвимость компонента drivers/scsi/libsas/sas_expander.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2019-10126: A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.\n\n * CVE-2019-12615: An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info-\u003evdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).\n\n * CVE-2019-12817: arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.\n\n * CVE-2019-12984: A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.\n\n * CVE-2019-13272: In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.\n\n * CVE-2019-15221: An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.\n\n * CVE-2019-15807: In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.\n\n * CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.",
|
||||
"Description": "This update upgrades kernel-image-un-def to version 5.1.18-alt1. \nSecurity Fix(es):\n\n * BDU:2019-02507: Уязвимость компонента arch/powerpc/mm/mmu_context_book3s64.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к содержимому памяти или вызвать повреждение памяти других процессов в системе\n\n * BDU:2019-02777: Уязвимость функции do_hidp_sock_ioctl ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-02927: Уязвимость функции mwifiex_update_bss_desc_with_ie ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии, вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2019-03087: Уязвимость драйвера sound/usb/line6/pcm.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-01593: Уязвимость функции mwifiex_uap_parse_tail_ies ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2020-01891: Уязвимость функции ptrace_link ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии\n\n * BDU:2020-02385: Уязвимость компонента drivers/scsi/libsas/sas_expander.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2019-10126: A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.\n\n * CVE-2019-12615: An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info-\u003evdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).\n\n * CVE-2019-12817: arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.\n\n * CVE-2019-12984: A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.\n\n * CVE-2019-13272: In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.\n\n * CVE-2019-15221: An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.\n\n * CVE-2019-15807: In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.\n\n * CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.",
|
||||
"Advisory": {
|
||||
"From": "errata.altlinux.org",
|
||||
"Severity": "Critical",
|
||||
@ -155,30 +155,30 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01593",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-119, CWE-122",
|
||||
"CWE": "CWE-119, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01593",
|
||||
"Impact": "Critical",
|
||||
"Public": "20190614"
|
||||
"Public": "20190601"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01891",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-264",
|
||||
"CWE": "CWE-264, CWE-269",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01891",
|
||||
"Impact": "High",
|
||||
"Public": "20190704"
|
||||
"Public": "20190705"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02385",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-399, CWE-400",
|
||||
"CWE": "CWE-399, CWE-400, CWE-401",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02385",
|
||||
"Impact": "Low",
|
||||
"Public": "20190829"
|
||||
"Public": "20190529"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -117,7 +117,7 @@
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00286",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20190815"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00289",
|
||||
@ -126,16 +126,16 @@
|
||||
"CWE": "CWE-362",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00289",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20190812"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00295",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00295",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20190806"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-06411",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -160,10 +160,11 @@
|
||||
{
|
||||
"ID": "BDU:2019-03478",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-03478",
|
||||
"Impact": "Low",
|
||||
"Public": "20190729"
|
||||
"Public": "20190905"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-04676",
|
||||
@ -172,7 +173,7 @@
|
||||
"CWE": "CWE-120",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-04676",
|
||||
"Impact": "High",
|
||||
"Public": "20190919"
|
||||
"Public": "20190911"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-04677",
|
||||
@ -199,7 +200,7 @@
|
||||
"CWE": "CWE-125",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01344",
|
||||
"Impact": "Critical",
|
||||
"Public": "20190823"
|
||||
"Public": "20190722"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01488",
|
||||
@ -232,19 +233,19 @@
|
||||
"ID": "BDU:2020-03327",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-120, CWE-122",
|
||||
"CWE": "CWE-120, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03327",
|
||||
"Impact": "High",
|
||||
"Public": "20190920"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03328",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-120, CWE-122",
|
||||
"CWE": "CWE-120, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03328",
|
||||
"Impact": "High",
|
||||
"Public": "20190920"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03329",
|
||||
@ -253,7 +254,7 @@
|
||||
"CWE": "CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03329",
|
||||
"Impact": "High",
|
||||
"Public": "20191125"
|
||||
"Public": "20190903"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -149,7 +149,7 @@
|
||||
"CWE": "CWE-120",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-04676",
|
||||
"Impact": "High",
|
||||
"Public": "20190919"
|
||||
"Public": "20190911"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-04677",
|
||||
@ -167,7 +167,7 @@
|
||||
"CWE": "CWE-125",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01342",
|
||||
"Impact": "High",
|
||||
"Public": "20190904"
|
||||
"Public": "20190416"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01344",
|
||||
@ -176,7 +176,7 @@
|
||||
"CWE": "CWE-125",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01344",
|
||||
"Impact": "Critical",
|
||||
"Public": "20190823"
|
||||
"Public": "20190722"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01488",
|
||||
@ -209,19 +209,19 @@
|
||||
"ID": "BDU:2020-03327",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-120, CWE-122",
|
||||
"CWE": "CWE-120, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03327",
|
||||
"Impact": "High",
|
||||
"Public": "20190920"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03328",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-120, CWE-122",
|
||||
"CWE": "CWE-120, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03328",
|
||||
"Impact": "High",
|
||||
"Public": "20190920"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03329",
|
||||
@ -230,7 +230,7 @@
|
||||
"CWE": "CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03329",
|
||||
"Impact": "High",
|
||||
"Public": "20191125"
|
||||
"Public": "20190903"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -288,7 +288,7 @@
|
||||
"CWE": "CWE-772",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00285",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20190821"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00355",
|
||||
@ -310,37 +310,39 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01321",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-276",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01321",
|
||||
"Impact": "Low",
|
||||
"Public": "20191001"
|
||||
"Public": "20190924"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01322",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-276",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01322",
|
||||
"Impact": "Low",
|
||||
"Public": "20191001"
|
||||
"Public": "20190924"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01323",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-276",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01323",
|
||||
"Impact": "Low",
|
||||
"Public": "20191001"
|
||||
"Public": "20190924"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01324",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"CWE": "CWE-20, CWE-862",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01324",
|
||||
"Impact": "Low",
|
||||
"Public": "20191001"
|
||||
"Public": "20190924"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02427",
|
||||
@ -355,19 +357,19 @@
|
||||
"ID": "BDU:2020-03327",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-120, CWE-122",
|
||||
"CWE": "CWE-120, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03327",
|
||||
"Impact": "High",
|
||||
"Public": "20190920"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03328",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-120, CWE-122",
|
||||
"CWE": "CWE-120, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03328",
|
||||
"Impact": "High",
|
||||
"Public": "20190920"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03329",
|
||||
@ -376,15 +378,16 @@
|
||||
"CWE": "CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03329",
|
||||
"Impact": "High",
|
||||
"Public": "20191125"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05796",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-276",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-05796",
|
||||
"Impact": "Low",
|
||||
"Public": "20191001"
|
||||
"Public": "20190924"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -97,7 +97,7 @@
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00288",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20190919"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -69,7 +69,7 @@
|
||||
"CWE": "CWE-120",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00078",
|
||||
"Impact": "Critical",
|
||||
"Public": "20191004"
|
||||
"Public": "20191003"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00159",
|
||||
|
||||
@ -147,7 +147,7 @@
|
||||
"CWE": "CWE-120",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00078",
|
||||
"Impact": "Critical",
|
||||
"Public": "20191004"
|
||||
"Public": "20191003"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00118",
|
||||
@ -174,7 +174,7 @@
|
||||
"CWE": "CWE-22",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00233",
|
||||
"Impact": "High",
|
||||
"Public": "20191127"
|
||||
"Public": "20191005"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00287",
|
||||
@ -183,7 +183,7 @@
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00287",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20191010"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00292",
|
||||
@ -192,7 +192,7 @@
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00292",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20191004"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -269,19 +269,19 @@
|
||||
"ID": "BDU:2019-04812",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-400",
|
||||
"CWE": "CWE-400, CWE-401",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-04812",
|
||||
"Impact": "High",
|
||||
"Public": "20191118"
|
||||
"Public": "20191009"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-04829",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-400",
|
||||
"CWE": "CWE-400, CWE-401",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-04829",
|
||||
"Impact": "High",
|
||||
"Public": "20191106"
|
||||
"Public": "20191009"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2019-04830",
|
||||
@ -326,7 +326,7 @@
|
||||
"CWE": "CWE-400",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00349",
|
||||
"Impact": "Low",
|
||||
"Public": "20190723"
|
||||
"Public": "20190808"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00369",
|
||||
|
||||
@ -190,10 +190,10 @@
|
||||
"ID": "BDU:2019-04829",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-400",
|
||||
"CWE": "CWE-400, CWE-401",
|
||||
"Href": "https://bdu.fstec.ru/vul/2019-04829",
|
||||
"Impact": "High",
|
||||
"Public": "20191106"
|
||||
"Public": "20191009"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00347",
|
||||
|
||||
@ -204,16 +204,16 @@
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00293",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20191104"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00296",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-200",
|
||||
"CWE": "CWE-200, CWE-909",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00296",
|
||||
"Impact": "Low",
|
||||
"Public": "20191203"
|
||||
"Public": "20191104"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00338",
|
||||
@ -235,7 +235,7 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00854",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00854",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -78,7 +78,7 @@
|
||||
"CWE": "CWE-200",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02944",
|
||||
"Impact": "Low",
|
||||
"Public": "20191127"
|
||||
"Public": "20191114"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -219,7 +219,7 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00853",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-269",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00853",
|
||||
@ -230,7 +230,7 @@
|
||||
"ID": "BDU:2020-01074",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-362, CWE-732",
|
||||
"CWE": "CWE-119, CWE-362, CWE-732",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01074",
|
||||
"Impact": "High",
|
||||
"Public": "20191128"
|
||||
@ -242,7 +242,7 @@
|
||||
"CWE": "CWE-200",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02944",
|
||||
"Impact": "Low",
|
||||
"Public": "20191127"
|
||||
"Public": "20191114"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05893",
|
||||
|
||||
@ -97,7 +97,7 @@
|
||||
"CWE": "CWE-22",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00233",
|
||||
"Impact": "High",
|
||||
"Public": "20191127"
|
||||
"Public": "20191005"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -141,12 +141,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00350",
|
||||
"CVSS": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-362",
|
||||
"CWE": "CWE-362, CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-00350",
|
||||
"Impact": "Low",
|
||||
"Public": "20191206"
|
||||
"Public": "20191209"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-00356",
|
||||
@ -164,7 +164,7 @@
|
||||
"CWE": "CWE-400",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03026",
|
||||
"Impact": "Low",
|
||||
"Public": "20200602"
|
||||
"Public": "20191209"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-04865",
|
||||
|
||||
@ -365,25 +365,25 @@
|
||||
"CWE": "CWE-200",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02944",
|
||||
"Impact": "Low",
|
||||
"Public": "20191127"
|
||||
"Public": "20191114"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03327",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-120, CWE-122",
|
||||
"CWE": "CWE-120, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03327",
|
||||
"Impact": "High",
|
||||
"Public": "20190920"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03328",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-120, CWE-122",
|
||||
"CWE": "CWE-120, CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03328",
|
||||
"Impact": "High",
|
||||
"Public": "20190920"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03329",
|
||||
@ -392,7 +392,7 @@
|
||||
"CWE": "CWE-122, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03329",
|
||||
"Impact": "High",
|
||||
"Public": "20191125"
|
||||
"Public": "20190903"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05893",
|
||||
|
||||
@ -54,12 +54,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2020-02140",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-362",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02140",
|
||||
"Impact": "Low",
|
||||
"Public": "20200506"
|
||||
"Public": "20200115"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -104,10 +104,10 @@
|
||||
"ID": "BDU:2020-02429",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-20",
|
||||
"CWE": "CWE-20, CWE-662",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02429",
|
||||
"Impact": "Low",
|
||||
"Public": "20200509"
|
||||
"Public": "20200103"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03830",
|
||||
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -164,16 +164,16 @@
|
||||
"CWE": "CWE-125",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01075",
|
||||
"Impact": "High",
|
||||
"Public": "20200225"
|
||||
"Public": "20200224"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-01076",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-119",
|
||||
"CWE": "CWE-119, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-01076",
|
||||
"Impact": "Low",
|
||||
"Public": "20200225"
|
||||
"Public": "20200220"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02425",
|
||||
@ -182,34 +182,34 @@
|
||||
"CWE": "CWE-120",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02425",
|
||||
"Impact": "Low",
|
||||
"Public": "20200429"
|
||||
"Public": "20200303"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02430",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-772",
|
||||
"CWE": "CWE-401, CWE-772",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02430",
|
||||
"Impact": "Low",
|
||||
"Public": "20200509"
|
||||
"Public": "20200221"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02707",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:N/I:P/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
|
||||
"CWE": "CWE-119",
|
||||
"CWE": "CWE-119, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02707",
|
||||
"Impact": "Low",
|
||||
"Public": "20200324"
|
||||
"Public": "20200222"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03027",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-772",
|
||||
"CWE": "CWE-401, CWE-772",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03027",
|
||||
"Impact": "Low",
|
||||
"Public": "20200602"
|
||||
"Public": "20191213"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05548",
|
||||
@ -231,12 +231,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05792",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-05792",
|
||||
"Impact": "High",
|
||||
"Public": "20200304"
|
||||
"Public": "20200306"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-03144",
|
||||
|
||||
@ -95,11 +95,11 @@
|
||||
{
|
||||
"ID": "BDU:2020-02134",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"CVSS3": "AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-416, CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02134",
|
||||
"Impact": "Low",
|
||||
"Public": "20200401"
|
||||
"Public": "20200312"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02136",
|
||||
@ -112,21 +112,21 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02416",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02416",
|
||||
"Impact": "Low",
|
||||
"Public": "20200407"
|
||||
"Public": "20200312"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05727",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
|
||||
"CWE": "CWE-119",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-119, CWE-125, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-05727",
|
||||
"Impact": "High",
|
||||
"Public": "20200402"
|
||||
"Public": "20200330"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-04677",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -64,12 +64,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2020-05727",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
|
||||
"CWE": "CWE-119",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-119, CWE-125, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-05727",
|
||||
"Impact": "High",
|
||||
"Public": "20200402"
|
||||
"Public": "20200330"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2022-03144",
|
||||
|
||||
@ -139,21 +139,21 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2020-02141",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-125",
|
||||
"CWE": "CWE-125, CWE-787",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02141",
|
||||
"Impact": "High",
|
||||
"Public": "20200506"
|
||||
"Public": "20200415"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02142",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02142",
|
||||
"Impact": "High",
|
||||
"Public": "20200506"
|
||||
"Public": "20200321"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-02286",
|
||||
@ -171,7 +171,7 @@
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-02426",
|
||||
"Impact": "Low",
|
||||
"Public": "20200429"
|
||||
"Public": "20200416"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03819",
|
||||
@ -212,10 +212,10 @@
|
||||
"ID": "BDU:2021-01200",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-200",
|
||||
"CWE": "CWE-200, CWE-908, CWE-909",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-01200",
|
||||
"Impact": "Low",
|
||||
"Public": "20200402"
|
||||
"Public": "20200401"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02578",
|
||||
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -89,7 +89,7 @@
|
||||
"CWE": "CWE-190",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03071",
|
||||
"Impact": "High",
|
||||
"Public": "20200609"
|
||||
"Public": "20200527"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05546",
|
||||
|
||||
@ -69,7 +69,7 @@
|
||||
"CWE": "CWE-190",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03071",
|
||||
"Impact": "High",
|
||||
"Public": "20200609"
|
||||
"Public": "20200527"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-06410",
|
||||
|
||||
@ -159,7 +159,7 @@
|
||||
"CWE": "CWE-190",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03071",
|
||||
"Impact": "High",
|
||||
"Public": "20200609"
|
||||
"Public": "20200527"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03435",
|
||||
@ -204,7 +204,7 @@
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00445",
|
||||
"Impact": "Low",
|
||||
"Public": "20200522"
|
||||
"Public": "20200512"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-01957",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -199,7 +199,7 @@
|
||||
"CWE": "CWE-190",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-03071",
|
||||
"Impact": "High",
|
||||
"Public": "20200609"
|
||||
"Public": "20200527"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-03435",
|
||||
@ -253,7 +253,7 @@
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00445",
|
||||
"Impact": "Low",
|
||||
"Public": "20200522"
|
||||
"Public": "20200512"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-01957",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -348,10 +348,10 @@
|
||||
"ID": "BDU:2020-05386",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-119",
|
||||
"CWE": "CWE-119, CWE-681",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-05386",
|
||||
"Impact": "Low",
|
||||
"Public": "20201016"
|
||||
"Public": "20201008"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05549",
|
||||
@ -418,30 +418,30 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-00261",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-476",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00261",
|
||||
"Impact": "Low",
|
||||
"Public": "20201123"
|
||||
"Public": "20200721"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-00284",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-200, CWE-347",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00284",
|
||||
"Impact": "Low",
|
||||
"Public": "20201002"
|
||||
"Public": "20201001"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-00285",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00285",
|
||||
"Impact": "Low",
|
||||
"Public": "20201123"
|
||||
"Public": "20200616"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-01953",
|
||||
@ -463,12 +463,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02144",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||||
"CWE": "CWE-400",
|
||||
"CWE": "CWE-400, CWE-732",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02144",
|
||||
"Impact": "Low",
|
||||
"Public": "20200617"
|
||||
"Public": "20200701"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03291",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -89,12 +89,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2020-04797",
|
||||
"CVSS": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||||
"CVSS": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-20, CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-04797",
|
||||
"Impact": "High",
|
||||
"Public": "20201123"
|
||||
"Public": "20200925"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05454",
|
||||
|
||||
@ -64,12 +64,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00005",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416, CWE-667",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00005",
|
||||
"Impact": "High",
|
||||
"Public": "20201203"
|
||||
"Public": "20201204"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02982",
|
||||
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -99,12 +99,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2020-04797",
|
||||
"CVSS": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||||
"CVSS": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-20, CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-04797",
|
||||
"Impact": "High",
|
||||
"Public": "20201123"
|
||||
"Public": "20200925"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05454",
|
||||
@ -117,12 +117,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-00005",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416, CWE-667",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00005",
|
||||
"Impact": "High",
|
||||
"Public": "20201203"
|
||||
"Public": "20201204"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-00106",
|
||||
|
||||
@ -64,12 +64,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-01126",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-362",
|
||||
"CWE": "CWE-269, CWE-362, CWE-667",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-01126",
|
||||
"Impact": "High",
|
||||
"Public": "20210205"
|
||||
"Public": "20210201"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02591",
|
||||
|
||||
@ -144,12 +144,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-01126",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-362",
|
||||
"CWE": "CWE-269, CWE-362, CWE-667",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-01126",
|
||||
"Impact": "High",
|
||||
"Public": "20210205"
|
||||
"Public": "20210201"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-01616",
|
||||
|
||||
@ -241,12 +241,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-01126",
|
||||
"CVSS": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-362",
|
||||
"CWE": "CWE-269, CWE-362, CWE-667",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-01126",
|
||||
"Impact": "High",
|
||||
"Public": "20210205"
|
||||
"Public": "20210201"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-01616",
|
||||
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -106,10 +106,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02665",
|
||||
@ -131,12 +131,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03175",
|
||||
|
||||
@ -106,10 +106,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02665",
|
||||
@ -131,12 +131,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03175",
|
||||
|
||||
@ -74,12 +74,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00284",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-200, CWE-347",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00284",
|
||||
"Impact": "Low",
|
||||
"Public": "20201002"
|
||||
"Public": "20201001"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03938",
|
||||
|
||||
@ -74,12 +74,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00284",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-200, CWE-347",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00284",
|
||||
"Impact": "Low",
|
||||
"Public": "20201002"
|
||||
"Public": "20201001"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03938",
|
||||
|
||||
@ -146,10 +146,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03088",
|
||||
@ -162,12 +162,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03177",
|
||||
|
||||
@ -206,10 +206,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03088",
|
||||
@ -222,12 +222,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03177",
|
||||
|
||||
@ -219,12 +219,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00284",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-200, CWE-347",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00284",
|
||||
"Impact": "Low",
|
||||
"Public": "20201002"
|
||||
"Public": "20201001"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-01956",
|
||||
@ -239,10 +239,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02665",
|
||||
@ -264,12 +264,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03175",
|
||||
|
||||
@ -219,12 +219,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00284",
|
||||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-200, CWE-347",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00284",
|
||||
"Impact": "Low",
|
||||
"Public": "20201002"
|
||||
"Public": "20201001"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-01956",
|
||||
@ -239,10 +239,10 @@
|
||||
"ID": "BDU:2021-02663",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"CWE": "CWE-306",
|
||||
"CWE": "CWE-306, CWE-327",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-02663",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-02665",
|
||||
@ -264,12 +264,12 @@
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03095",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||||
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||||
"CWE": "CWE-20",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-03095",
|
||||
"Impact": "Low",
|
||||
"Public": "20210511"
|
||||
"Public": "20210510"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-03175",
|
||||
|
||||
File diff suppressed because one or more lines are too long
@ -124,12 +124,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2021-00005",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-416, CWE-667",
|
||||
"Href": "https://bdu.fstec.ru/vul/2021-00005",
|
||||
"Impact": "High",
|
||||
"Public": "20201203"
|
||||
"Public": "20201204"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2021-00014",
|
||||
|
||||
@ -54,12 +54,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2022-04733",
|
||||
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CWE": "CWE-843",
|
||||
"Href": "https://bdu.fstec.ru/vul/2022-04733",
|
||||
"Impact": "High",
|
||||
"Public": "20220704"
|
||||
"Public": "20220703"
|
||||
}
|
||||
],
|
||||
"CVEs": [
|
||||
|
||||
@ -154,12 +154,12 @@
|
||||
"BDUs": [
|
||||
{
|
||||
"ID": "BDU:2020-05481",
|
||||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"CWE": "CWE-284",
|
||||
"Href": "https://bdu.fstec.ru/vul/2020-05481",
|
||||
"Impact": "Low",
|
||||
"Public": "20200424"
|
||||
"Public": "20201110"
|
||||
},
|
||||
{
|
||||
"ID": "BDU:2020-05482",
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user