{ "Definition": [ { "ID": "oval:org.altlinux.errata:def:20231659", "Version": "oval:org.altlinux.errata:def:20231659", "Class": "patch", "Metadata": { "Title": "ALT-PU-2023-1659: package `chromium` update to version 112.0.5615.165-alt1", "AffectedList": [ { "Family": "unix", "Platforms": [ "ALT Linux branch p11" ], "Products": [ "ALT Container" ] } ], "References": [ { "RefID": "ALT-PU-2023-1659", "RefURL": "https://errata.altlinux.org/ALT-PU-2023-1659", "Source": "ALTPU" }, { "RefID": "BDU:2023-01469", "RefURL": "https://bdu.fstec.ru/vul/2023-01469", "Source": "BDU" }, { "RefID": "BDU:2023-01616", "RefURL": "https://bdu.fstec.ru/vul/2023-01616", "Source": "BDU" }, { "RefID": "BDU:2023-01617", "RefURL": "https://bdu.fstec.ru/vul/2023-01617", "Source": "BDU" }, { "RefID": "BDU:2023-01618", "RefURL": "https://bdu.fstec.ru/vul/2023-01618", "Source": "BDU" }, { "RefID": "BDU:2023-01619", "RefURL": "https://bdu.fstec.ru/vul/2023-01619", "Source": "BDU" }, { "RefID": "BDU:2023-01620", "RefURL": "https://bdu.fstec.ru/vul/2023-01620", "Source": "BDU" }, { "RefID": "BDU:2023-01621", "RefURL": "https://bdu.fstec.ru/vul/2023-01621", "Source": "BDU" }, { "RefID": "BDU:2023-01862", "RefURL": "https://bdu.fstec.ru/vul/2023-01862", "Source": "BDU" }, { "RefID": "BDU:2023-01863", "RefURL": "https://bdu.fstec.ru/vul/2023-01863", "Source": "BDU" }, { "RefID": "BDU:2023-01864", "RefURL": "https://bdu.fstec.ru/vul/2023-01864", "Source": "BDU" }, { "RefID": "BDU:2023-01865", "RefURL": "https://bdu.fstec.ru/vul/2023-01865", "Source": "BDU" }, { "RefID": "BDU:2023-01866", "RefURL": "https://bdu.fstec.ru/vul/2023-01866", "Source": "BDU" }, { "RefID": "BDU:2023-01867", "RefURL": "https://bdu.fstec.ru/vul/2023-01867", "Source": "BDU" }, { "RefID": "BDU:2023-01868", "RefURL": "https://bdu.fstec.ru/vul/2023-01868", "Source": "BDU" }, { "RefID": "BDU:2023-01869", "RefURL": "https://bdu.fstec.ru/vul/2023-01869", "Source": "BDU" }, { "RefID": "BDU:2023-01870", "RefURL": "https://bdu.fstec.ru/vul/2023-01870", "Source": "BDU" }, { "RefID": "BDU:2023-01871", "RefURL": "https://bdu.fstec.ru/vul/2023-01871", "Source": "BDU" }, { "RefID": "BDU:2023-01872", "RefURL": "https://bdu.fstec.ru/vul/2023-01872", "Source": "BDU" }, { "RefID": "BDU:2023-01873", "RefURL": "https://bdu.fstec.ru/vul/2023-01873", "Source": "BDU" }, { "RefID": "BDU:2023-01874", "RefURL": "https://bdu.fstec.ru/vul/2023-01874", "Source": "BDU" }, { "RefID": "BDU:2023-01875", "RefURL": "https://bdu.fstec.ru/vul/2023-01875", "Source": "BDU" }, { "RefID": "BDU:2023-02114", "RefURL": "https://bdu.fstec.ru/vul/2023-02114", "Source": "BDU" }, { "RefID": "BDU:2023-02170", "RefURL": "https://bdu.fstec.ru/vul/2023-02170", "Source": "BDU" }, { "RefID": "BDU:2023-02308", "RefURL": "https://bdu.fstec.ru/vul/2023-02308", "Source": "BDU" }, { "RefID": "BDU:2023-02312", "RefURL": "https://bdu.fstec.ru/vul/2023-02312", "Source": "BDU" }, { "RefID": "BDU:2023-02313", "RefURL": "https://bdu.fstec.ru/vul/2023-02313", "Source": "BDU" }, { "RefID": "BDU:2023-02314", "RefURL": "https://bdu.fstec.ru/vul/2023-02314", "Source": "BDU" }, { "RefID": "CVE-2023-1528", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1528", "Source": "CVE" }, { "RefID": "CVE-2023-1529", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1529", "Source": "CVE" }, { "RefID": "CVE-2023-1530", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1530", "Source": "CVE" }, { "RefID": "CVE-2023-1531", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1531", "Source": "CVE" }, { "RefID": "CVE-2023-1532", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1532", "Source": "CVE" }, { "RefID": "CVE-2023-1533", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1533", "Source": "CVE" }, { "RefID": "CVE-2023-1534", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1534", "Source": "CVE" }, { "RefID": "CVE-2023-1810", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1810", "Source": "CVE" }, { "RefID": "CVE-2023-1811", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1811", "Source": "CVE" }, { "RefID": "CVE-2023-1812", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1812", "Source": "CVE" }, { "RefID": "CVE-2023-1813", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1813", "Source": "CVE" }, { "RefID": "CVE-2023-1814", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1814", "Source": "CVE" }, { "RefID": "CVE-2023-1815", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1815", "Source": "CVE" }, { "RefID": "CVE-2023-1816", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1816", "Source": "CVE" }, { "RefID": "CVE-2023-1817", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1817", "Source": "CVE" }, { "RefID": "CVE-2023-1818", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1818", "Source": "CVE" }, { "RefID": "CVE-2023-1819", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1819", "Source": "CVE" }, { "RefID": "CVE-2023-1820", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1820", "Source": "CVE" }, { "RefID": "CVE-2023-1821", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1821", "Source": "CVE" }, { "RefID": "CVE-2023-1822", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1822", "Source": "CVE" }, { "RefID": "CVE-2023-1823", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1823", "Source": "CVE" }, { "RefID": "CVE-2023-2033", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2033", "Source": "CVE" }, { "RefID": "CVE-2023-2133", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2133", "Source": "CVE" }, { "RefID": "CVE-2023-2134", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2134", "Source": "CVE" }, { "RefID": "CVE-2023-2135", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2135", "Source": "CVE" }, { "RefID": "CVE-2023-2136", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2136", "Source": "CVE" }, { "RefID": "CVE-2023-2137", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2137", "Source": "CVE" } ], "Description": "This update upgrades chromium to version 112.0.5615.165-alt1. \nSecurity Fix(es):\n\n * BDU:2023-01469: Уязвимость компонента Passwords браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-01616: Уязвимость интерфейса WebHID (Human Interface Device) браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-01617: Уязвимость компонента PDFium браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-01618: Уязвимость компонента WebProtect браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-01619: Уязвимость библиотеки ANGLE браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-01620: Уязвимость компонента GPU Video браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2023-01621: Уязвимость библиотеки ANGLE браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2023-01862: Уязвимость технологии Picture In Picture браузера Google Chrome, позволяющая нарушителю выполнить спуфинговую атаку\n\n * BDU:2023-01863: Уязвимость службы Safe Browsing браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2023-01864: Уязвимость компонента Networking API браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2023-01865: Уязвимость компонента Visuals браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-01866: Уязвимость расширений браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2023-01867: Уязвимость компонента Frames браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-01868: Уязвимость истории браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-01869: Уязвимость функции Intents браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01870: Уязвимость компонента FedCM браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01871: Уязвимость компонента WebShare браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01872: Уязвимость компонента DOM Bindings браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01873: Уязвимость режима рендеринга Vulkan браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01874: Уязвимость функции Navigation браузера Google Chrome, позволяющая нарушителю выполнить спуфинговую атаку\n\n * BDU:2023-01875: Уязвимость компонента Accessibility браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2023-02114: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02170: Уязвимость библиотеки Skia браузера Google Chrome, позволяющая нарушителю выйти из изолированной программной среды и выполнить произвольный код\n\n * BDU:2023-02308: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02312: Уязвимость скрипта Service Worker API веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02313: Уязвимость компонента SQLite веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02314: Уязвимость скрипта Service Worker API веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-1528: Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1529: Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)\n\n * CVE-2023-1530: Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1531: Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1532: Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1533: Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1534: Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1810: Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1811: Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1812: Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1813: Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1814: Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1815: Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1816: Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1817: Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1818: Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1819: Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1820: Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1821: Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-1822: Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-1823: Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-2033: Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2133: Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2134: Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2135: Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2136: Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2137: Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "Advisory": { "From": "errata.altlinux.org", "Severity": "Critical", "Rights": "Copyright 2024 BaseALT Ltd.", "Issued": { "Date": "2023-04-21" }, "Updated": { "Date": "2023-04-21" }, "BDUs": [ { "ID": "BDU:2023-01469", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2023-01469", "Impact": "Critical", "Public": "20230321" }, { "ID": "BDU:2023-01616", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "CWE": "CWE-119", "Href": "https://bdu.fstec.ru/vul/2023-01616", "Impact": "Critical", "Public": "20230321" }, { "ID": "BDU:2023-01617", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2023-01617", "Impact": "High", "Public": "20230321" }, { "ID": "BDU:2023-01618", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2023-01618", "Impact": "High", "Public": "20230321" }, { "ID": "BDU:2023-01619", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2023-01619", "Impact": "High", "Public": "20230321" }, { "ID": "BDU:2023-01620", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-125", "Href": "https://bdu.fstec.ru/vul/2023-01620", "Impact": "Low", "Public": "20230321" }, { "ID": "BDU:2023-01621", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-125", "Href": "https://bdu.fstec.ru/vul/2023-01621", "Impact": "Low", "Public": "20230321" }, { "ID": "BDU:2023-01862", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-451", "Href": "https://bdu.fstec.ru/vul/2023-01862", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01863", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-20", "Href": "https://bdu.fstec.ru/vul/2023-01863", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01864", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2023-01864", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01865", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-122", "Href": "https://bdu.fstec.ru/vul/2023-01865", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01866", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-358", "Href": "https://bdu.fstec.ru/vul/2023-01866", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01867", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2023-01867", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01868", "CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "CWE": "CWE-122", "Href": "https://bdu.fstec.ru/vul/2023-01868", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01869", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-264", "Href": "https://bdu.fstec.ru/vul/2023-01869", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01870", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-358", "Href": "https://bdu.fstec.ru/vul/2023-01870", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01871", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-358", "Href": "https://bdu.fstec.ru/vul/2023-01871", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01872", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-125", "Href": "https://bdu.fstec.ru/vul/2023-01872", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01873", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2023-01873", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01874", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-451", "Href": "https://bdu.fstec.ru/vul/2023-01874", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-01875", "CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "CWE": "CWE-125", "Href": "https://bdu.fstec.ru/vul/2023-01875", "Impact": "Low", "Public": "20230404" }, { "ID": "BDU:2023-02114", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "CWE": "CWE-843", "Href": "https://bdu.fstec.ru/vul/2023-02114", "Impact": "Critical", "Public": "20230414" }, { "ID": "BDU:2023-02170", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "CWE": "CWE-190", "Href": "https://bdu.fstec.ru/vul/2023-02170", "Impact": "Critical", "Public": "20230418" }, { "ID": "BDU:2023-02308", "CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2023-02308", "Impact": "High", "Public": "20230418" }, { "ID": "BDU:2023-02312", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://bdu.fstec.ru/vul/2023-02312", "Impact": "High", "Public": "20230418" }, { "ID": "BDU:2023-02313", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://bdu.fstec.ru/vul/2023-02313", "Impact": "High", "Public": "20230418" }, { "ID": "BDU:2023-02314", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://bdu.fstec.ru/vul/2023-02314", "Impact": "High", "Public": "20230418" } ], "CVEs": [ { "ID": "CVE-2023-1528", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1528", "Impact": "High", "Public": "20230321" }, { "ID": "CVE-2023-1529", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1529", "Impact": "Critical", "Public": "20230321" }, { "ID": "CVE-2023-1530", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1530", "Impact": "High", "Public": "20230321" }, { "ID": "CVE-2023-1531", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1531", "Impact": "High", "Public": "20230321" }, { "ID": "CVE-2023-1532", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-125", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1532", "Impact": "High", "Public": "20230321" }, { "ID": "CVE-2023-1533", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1533", "Impact": "High", "Public": "20230321" }, { "ID": "CVE-2023-1534", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-125", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1534", "Impact": "High", "Public": "20230321" }, { "ID": "CVE-2023-1810", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1810", "Impact": "High", "Public": "20230404" }, { "ID": "CVE-2023-1811", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1811", "Impact": "High", "Public": "20230404" }, { "ID": "CVE-2023-1812", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1812", "Impact": "High", "Public": "20230404" }, { "ID": "CVE-2023-1813", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1813", "Impact": "Low", "Public": "20230404" }, { "ID": "CVE-2023-1814", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1814", "Impact": "Low", "Public": "20230404" }, { "ID": "CVE-2023-1815", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1815", "Impact": "High", "Public": "20230404" }, { "ID": "CVE-2023-1816", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1816", "Impact": "Low", "Public": "20230404" }, { "ID": "CVE-2023-1817", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1817", "Impact": "Low", "Public": "20230404" }, { "ID": "CVE-2023-1818", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1818", "Impact": "High", "Public": "20230404" }, { "ID": "CVE-2023-1819", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-125", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1819", "Impact": "Low", "Public": "20230404" }, { "ID": "CVE-2023-1820", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1820", "Impact": "High", "Public": "20230404" }, { "ID": "CVE-2023-1821", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1821", "Impact": "Low", "Public": "20230404" }, { "ID": "CVE-2023-1822", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1822", "Impact": "Low", "Public": "20230404" }, { "ID": "CVE-2023-1823", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1823", "Impact": "Low", "Public": "20230404" }, { "ID": "CVE-2023-2033", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-843", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2033", "Impact": "High", "Public": "20230414" }, { "ID": "CVE-2023-2133", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2133", "Impact": "High", "Public": "20230419" }, { "ID": "CVE-2023-2134", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2134", "Impact": "High", "Public": "20230419" }, { "ID": "CVE-2023-2135", "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2135", "Impact": "High", "Public": "20230419" }, { "ID": "CVE-2023-2136", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "CWE": "CWE-190", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2136", "Impact": "Critical", "Public": "20230419" }, { "ID": "CVE-2023-2137", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2137", "Impact": "High", "Public": "20230419" } ], "AffectedCPEs": { "CPEs": [ "cpe:/o:alt:container:11" ] } } }, "Criteria": { "Operator": "AND", "Criterions": [ { "TestRef": "oval:org.altlinux.errata:tst:3001", "Comment": "ALT Linux must be installed" } ], "Criterias": [ { "Operator": "OR", "Criterions": [ { "TestRef": "oval:org.altlinux.errata:tst:20231659001", "Comment": "chromium is earlier than 0:112.0.5615.165-alt1" } ] } ] } } ] }