{ "Definition": [ { "ID": "oval:org.altlinux.errata:def:20212573", "Version": "oval:org.altlinux.errata:def:20212573", "Class": "patch", "Metadata": { "Title": "ALT-PU-2021-2573: package `chromium` update to version 92.0.4515.107-alt0.p9.1", "AffectedList": [ { "Family": "unix", "Platforms": [ "ALT Linux branch p9" ], "Products": [ "ALT Server", "ALT Virtualization Server", "ALT Workstation", "ALT Workstation K", "ALT Education", "Simply Linux", "Starterkit" ] } ], "References": [ { "RefID": "ALT-PU-2021-2573", "RefURL": "https://errata.altlinux.org/ALT-PU-2021-2573", "Source": "ALTPU" }, { "RefID": "BDU:2021-03859", "RefURL": "https://bdu.fstec.ru/vul/2021-03859", "Source": "BDU" }, { "RefID": "BDU:2021-03860", "RefURL": "https://bdu.fstec.ru/vul/2021-03860", "Source": "BDU" }, { "RefID": "BDU:2021-03865", "RefURL": "https://bdu.fstec.ru/vul/2021-03865", "Source": "BDU" }, { "RefID": "BDU:2021-03866", "RefURL": "https://bdu.fstec.ru/vul/2021-03866", "Source": "BDU" }, { "RefID": "BDU:2021-03867", "RefURL": "https://bdu.fstec.ru/vul/2021-03867", "Source": "BDU" }, { "RefID": "BDU:2021-03872", "RefURL": "https://bdu.fstec.ru/vul/2021-03872", "Source": "BDU" }, { "RefID": "BDU:2021-03873", "RefURL": "https://bdu.fstec.ru/vul/2021-03873", "Source": "BDU" }, { "RefID": "BDU:2021-03904", "RefURL": "https://bdu.fstec.ru/vul/2021-03904", "Source": "BDU" }, { "RefID": "BDU:2021-03905", "RefURL": "https://bdu.fstec.ru/vul/2021-03905", "Source": "BDU" }, { "RefID": "BDU:2021-03906", "RefURL": "https://bdu.fstec.ru/vul/2021-03906", "Source": "BDU" }, { "RefID": "BDU:2021-03907", "RefURL": "https://bdu.fstec.ru/vul/2021-03907", "Source": "BDU" }, { "RefID": "BDU:2021-03908", "RefURL": "https://bdu.fstec.ru/vul/2021-03908", "Source": "BDU" }, { "RefID": "BDU:2021-03909", "RefURL": "https://bdu.fstec.ru/vul/2021-03909", "Source": "BDU" }, { "RefID": "BDU:2021-03910", "RefURL": "https://bdu.fstec.ru/vul/2021-03910", "Source": "BDU" }, { "RefID": "BDU:2021-03911", "RefURL": "https://bdu.fstec.ru/vul/2021-03911", "Source": "BDU" }, { "RefID": "BDU:2021-03912", "RefURL": "https://bdu.fstec.ru/vul/2021-03912", "Source": "BDU" }, { "RefID": "BDU:2021-03943", "RefURL": "https://bdu.fstec.ru/vul/2021-03943", "Source": "BDU" }, { "RefID": "BDU:2021-03956", "RefURL": "https://bdu.fstec.ru/vul/2021-03956", "Source": "BDU" }, { "RefID": "BDU:2021-03957", "RefURL": "https://bdu.fstec.ru/vul/2021-03957", "Source": "BDU" }, { "RefID": "BDU:2021-04024", "RefURL": "https://bdu.fstec.ru/vul/2021-04024", "Source": "BDU" }, { "RefID": "BDU:2021-04038", "RefURL": "https://bdu.fstec.ru/vul/2021-04038", "Source": "BDU" }, { "RefID": "BDU:2021-04234", "RefURL": "https://bdu.fstec.ru/vul/2021-04234", "Source": "BDU" }, { "RefID": "BDU:2021-04235", "RefURL": "https://bdu.fstec.ru/vul/2021-04235", "Source": "BDU" }, { "RefID": "BDU:2021-04236", "RefURL": "https://bdu.fstec.ru/vul/2021-04236", "Source": "BDU" }, { "RefID": "CVE-2021-30565", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30565", "Source": "CVE" }, { "RefID": "CVE-2021-30566", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30566", "Source": "CVE" }, { "RefID": "CVE-2021-30567", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30567", "Source": "CVE" }, { "RefID": "CVE-2021-30568", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30568", "Source": "CVE" }, { "RefID": "CVE-2021-30569", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30569", "Source": "CVE" }, { "RefID": "CVE-2021-30571", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30571", "Source": "CVE" }, { "RefID": "CVE-2021-30572", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30572", "Source": "CVE" }, { "RefID": "CVE-2021-30573", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30573", "Source": "CVE" }, { "RefID": "CVE-2021-30574", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30574", "Source": "CVE" }, { "RefID": "CVE-2021-30575", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30575", "Source": "CVE" }, { "RefID": "CVE-2021-30576", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30576", "Source": "CVE" }, { "RefID": "CVE-2021-30577", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30577", "Source": "CVE" }, { "RefID": "CVE-2021-30578", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30578", "Source": "CVE" }, { "RefID": "CVE-2021-30579", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30579", "Source": "CVE" }, { "RefID": "CVE-2021-30580", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30580", "Source": "CVE" }, { "RefID": "CVE-2021-30581", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30581", "Source": "CVE" }, { "RefID": "CVE-2021-30582", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30582", "Source": "CVE" }, { "RefID": "CVE-2021-30583", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30583", "Source": "CVE" }, { "RefID": "CVE-2021-30584", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30584", "Source": "CVE" }, { "RefID": "CVE-2021-30585", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30585", "Source": "CVE" }, { "RefID": "CVE-2021-30586", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30586", "Source": "CVE" }, { "RefID": "CVE-2021-30587", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30587", "Source": "CVE" }, { "RefID": "CVE-2021-30588", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30588", "Source": "CVE" }, { "RefID": "CVE-2021-30589", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30589", "Source": "CVE" } ], "Description": "This update upgrades chromium to version 92.0.4515.107-alt0.p9.1. \nSecurity Fix(es):\n\n * BDU:2021-03859: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03860: Уязвимость функции печати веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03865: Уязвимость компонента Android Intents веб-браузера Google Chrome для Android, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03866: Уязвимость веб-браузера Google Chrome операционных систем Windows, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03867: Уязвимость компонента SQLite веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03872: Уязвимость функции автозаполнения Autofil веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03873: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности\n\n * BDU:2021-03904: Уязвимость компонента установки Installer веб-браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03905: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03906: Уязвимость графического процессора GPU веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03907: Уязвимость компонента Protocol Handling веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03908: Уязвимость функции автозаполнения Autofil веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03909: Уязвимость веб-браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03910: Уязвимость функции «Sharing» («Поделиться») веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03911: Уязвимость обработчика JavaScript-сценариев V8 веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03912: Уязвимость веб-браузера Google Chrome, связанная с недостаточной проверкой введенных пользователем данных, позволяющая нарушителю проводить спуфинг-атаки\n\n * BDU:2021-03943: Уязвимость компонента Media веб-браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности\n\n * BDU:2021-03956: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03957: Уязвимость компонента Compositing веб-браузера Google Chrome операционных систем Windows, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-04024: Уязвимость пользовательского интерфейса Chromium браузера Google Chrome, позволяющая нарушителю выполнить запись за пределами памяти\n\n * BDU:2021-04038: Уязвимость компонента WebGL веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-04234: Уязвимость веб-браузера Google Chrome операционных систем iOS, связанная с недостатками разграничения доступа при обработке изображений, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-04235: Уязвимость компонента UI framework веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-04236: Уязвимость реализации анимации (Animation) веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * CVE-2021-30565: Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.\n\n * CVE-2021-30566: Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.\n\n * CVE-2021-30567: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.\n\n * CVE-2021-30568: Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30569: Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30571: Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2021-30572: Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30573: Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30574: Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30575: Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30576: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30577: Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file.\n\n * CVE-2021-30578: Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.\n\n * CVE-2021-30579: Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30580: Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.\n\n * CVE-2021-30581: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30582: Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-30583: Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-30584: Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.\n\n * CVE-2021-30585: Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30586: Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30587: Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2021-30588: Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30589: Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.", "Advisory": { "From": "errata.altlinux.org", "Severity": "Critical", "Rights": "Copyright 2024 BaseALT Ltd.", "Issued": { "Date": "2021-08-19" }, "Updated": { "Date": "2021-08-19" }, "BDUs": [ { "ID": "BDU:2021-03859", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03859", "Impact": "High", "Public": "20210520" }, { "ID": "BDU:2021-03860", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-121", "Href": "https://bdu.fstec.ru/vul/2021-03860", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-03865", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "CWE": "CWE-264", "Href": "https://bdu.fstec.ru/vul/2021-03865", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03866", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03866", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03867", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03867", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-03872", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03872", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-03873", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-264", "Href": "https://bdu.fstec.ru/vul/2021-03873", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-03904", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "CWE": "CWE-264", "Href": "https://bdu.fstec.ru/vul/2021-03904", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03905", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03905", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03906", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03906", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-03907", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03907", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-03908", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-125", "Href": "https://bdu.fstec.ru/vul/2021-03908", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03909", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03909", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03910", "CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "CWE": "CWE-20", "Href": "https://bdu.fstec.ru/vul/2021-03910", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03911", "CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "CWE": "CWE-843", "Href": "https://bdu.fstec.ru/vul/2021-03911", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03912", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "CWE": "CWE-451", "Href": "https://bdu.fstec.ru/vul/2021-03912", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03943", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "CWE": "CWE-908", "Href": "https://bdu.fstec.ru/vul/2021-03943", "Impact": "Low", "Public": "20210721" }, { "ID": "BDU:2021-03956", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-03956", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-03957", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "CWE": "CWE-358", "Href": "https://bdu.fstec.ru/vul/2021-03957", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-04024", "CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-94", "Href": "https://bdu.fstec.ru/vul/2021-04024", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-04038", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-122", "Href": "https://bdu.fstec.ru/vul/2021-04038", "Impact": "High", "Public": "20210720" }, { "ID": "BDU:2021-04234", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "CWE": "CWE-264", "Href": "https://bdu.fstec.ru/vul/2021-04234", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-04235", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2021-04235", "Impact": "Low", "Public": "20210720" }, { "ID": "BDU:2021-04236", "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "CWE": "CWE-358", "Href": "https://bdu.fstec.ru/vul/2021-04236", "Impact": "High", "Public": "20210720" } ], "CVEs": [ { "ID": "CVE-2021-30565", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30565", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30566", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30566", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30567", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30567", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30568", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30568", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30569", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30569", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30571", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "CWE": "CWE-863", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30571", "Impact": "Critical", "Public": "20210803" }, { "ID": "CVE-2021-30572", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30572", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30573", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30573", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30574", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30574", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30575", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30575", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30576", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30576", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30577", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-732", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30577", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30578", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-908", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30578", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30579", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30579", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30580", "CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30580", "Impact": "Low", "Public": "20210803" }, { "ID": "CVE-2021-30581", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30581", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30582", "CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30582", "Impact": "Low", "Public": "20210803" }, { "ID": "CVE-2021-30583", "CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30583", "Impact": "Low", "Public": "20210803" }, { "ID": "CVE-2021-30584", "CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30584", "Impact": "Low", "Public": "20210803" }, { "ID": "CVE-2021-30585", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30585", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30586", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-416", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30586", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30587", "CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30587", "Impact": "Low", "Public": "20210803" }, { "ID": "CVE-2021-30588", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-843", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30588", "Impact": "High", "Public": "20210803" }, { "ID": "CVE-2021-30589", "CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "CWE": "CWE-20", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30589", "Impact": "Low", "Public": "20210803" } ], "AffectedCPEs": { "CPEs": [ "cpe:/o:alt:kworkstation:9", "cpe:/o:alt:workstation:9", "cpe:/o:alt:server:9", "cpe:/o:alt:server-v:9", "cpe:/o:alt:education:9", "cpe:/o:alt:slinux:9", "cpe:/o:alt:starterkit:p9" ] } } }, "Criteria": { "Operator": "AND", "Criterions": [ { "TestRef": "oval:org.altlinux.errata:tst:1001", "Comment": "ALT Linux must be installed" } ], "Criterias": [ { "Operator": "OR", "Criterions": [ { "TestRef": "oval:org.altlinux.errata:tst:20212573001", "Comment": "chromium is earlier than 0:92.0.4515.107-alt0.p9.1" } ] } ] } } ] }