pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
26379462a9
vuln-list-alt/oval/c10f1/ALT-PU-2019-3112/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

739 lines
37 KiB
JSON
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20193112",
"Version": "oval:org.altlinux.errata:def:20193112",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2019-3112: package `chromium` update to version 78.0.3904.97-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2019-3112",
"RefURL": "https://errata.altlinux.org/ALT-PU-2019-3112",
"Source": "ALTPU"
},
{
"RefID": "BDU:2019-03643",
"RefURL": "https://bdu.fstec.ru/vul/2019-03643",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04421",
"RefURL": "https://bdu.fstec.ru/vul/2019-04421",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04422",
"RefURL": "https://bdu.fstec.ru/vul/2019-04422",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04423",
"RefURL": "https://bdu.fstec.ru/vul/2019-04423",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04424",
"RefURL": "https://bdu.fstec.ru/vul/2019-04424",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04425",
"RefURL": "https://bdu.fstec.ru/vul/2019-04425",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04426",
"RefURL": "https://bdu.fstec.ru/vul/2019-04426",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04508",
"RefURL": "https://bdu.fstec.ru/vul/2019-04508",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00168",
"RefURL": "https://bdu.fstec.ru/vul/2020-00168",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01751",
"RefURL": "https://bdu.fstec.ru/vul/2020-01751",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01758",
"RefURL": "https://bdu.fstec.ru/vul/2020-01758",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01782",
"RefURL": "https://bdu.fstec.ru/vul/2020-01782",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01783",
"RefURL": "https://bdu.fstec.ru/vul/2020-01783",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01784",
"RefURL": "https://bdu.fstec.ru/vul/2020-01784",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01785",
"RefURL": "https://bdu.fstec.ru/vul/2020-01785",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01786",
"RefURL": "https://bdu.fstec.ru/vul/2020-01786",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01787",
"RefURL": "https://bdu.fstec.ru/vul/2020-01787",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01788",
"RefURL": "https://bdu.fstec.ru/vul/2020-01788",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01789",
"RefURL": "https://bdu.fstec.ru/vul/2020-01789",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01790",
"RefURL": "https://bdu.fstec.ru/vul/2020-01790",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01791",
"RefURL": "https://bdu.fstec.ru/vul/2020-01791",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01792",
"RefURL": "https://bdu.fstec.ru/vul/2020-01792",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01793",
"RefURL": "https://bdu.fstec.ru/vul/2020-01793",
"Source": "BDU"
},
{
"RefID": "CVE-2019-13699",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13699",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13700",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13700",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13701",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13701",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13702",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13702",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13703",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13703",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13704",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13704",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13705",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13705",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13706",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13706",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13707",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13707",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13708",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13708",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13709",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13709",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13710",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13710",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13711",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13711",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13713",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13713",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13714",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13714",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13715",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13715",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13716",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13716",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13717",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13717",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13718",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13718",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13719",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13719",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13720",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13720",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13721",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13721",
"Source": "CVE"
},
{
"RefID": "CVE-2019-13765",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13765",
"Source": "CVE"
},
{
"RefID": "CVE-2019-15903",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 78.0.3904.97-alt1. \nSecurity Fix(es):\n\n * BDU:2019-03643: Уязвимость библиотеки для анализа XML-файлов libexpat, связанная с неверным ограничением xml-ссылок на внешние объекты, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04421: Уязвимость расширения Color Enhancer браузера Google Chrome, позволяющая нарушителю изменить данные HTML-страницы\n\n * BDU:2019-04422: Уязвимость компонента Omnibox браузера Google Chrome, позволяющая нарушителю проводить спуфинг-атаки\n\n * BDU:2019-04423: Уязвимость браузера Google Chrome, связанная с неправильной авторизацией, позволяющая нарушителю обойти ограничения навигации\n\n * BDU:2019-04424: Уязвимость пользовательского интерфейса браузера Google Chrome, позволяющая нарушителю скрыть пользовательский интерфейс безопасности\n\n * BDU:2019-04425: Уязвимость компонента Omnibox браузера Google Chrome, позволяющая нарушителю проводить спуфинг-атаки\n\n * BDU:2019-04426: Уязвимость пользовательского интерфейса браузера Google Chrome, позволяющая нарушителю скрыть пользовательский интерфейс безопасности\n\n * BDU:2019-04508: Уязвимость компонента WebAudio браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2020-00168: Уязвимость обработчика PDF-содержимого PDFium веб-браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2020-01751: Уязвимость браузера Google Chrome, связанная с неправильным применением политики безопасности, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-01758: Уязвимость браузера Google Chrome, связанная с неправильной настройкой политики безопасности, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-01782: Уязвимость браузера Google Chrome, связанная с использованием памяти после освобождения, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-01783: Уязвимость браузера Google Chrome, связанная с чтением за границами буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-01784: Уязвимость браузера Google Chrome, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2020-01785: Уязвимость установщика браузера Google Chrome, связанная с небезопасным управлением привилегиями, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-01786: Уязвимость адресной строки Omnibox браузера Google Chrome, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2020-01787: Уязвимость браузера Google Chrome, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2020-01788: Уязвимость браузера Google Chrome, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к информации\n\n * BDU:2020-01789: Уязвимость обработчика PDF-содержимого PDFium браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-01790: Уязвимость браузера Google Chrome, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к информации\n\n * BDU:2020-01791: Уязвимость браузера Google Chrome, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2020-01792: Уязвимость браузера Google Chrome, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2020-01793: Уязвимость браузера Google Chrome, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю нарушить целостность данных\n\n * CVE-2019-13699: Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-13700: Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-13701: Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2019-13702: Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.\n\n * CVE-2019-13703: Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2019-13704: Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.\n\n * CVE-2019-13705: Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.\n\n * CVE-2019-13706: Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.\n\n * CVE-2019-13707: Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.\n\n * CVE-2019-13708: Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2019-13709: Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.\n\n * CVE-2019-13710: Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.\n\n * CVE-2019-13711: Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2019-13713: Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2019-13714: Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.\n\n * CVE-2019-13715: Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.\n\n * CVE-2019-13716: Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2019-13717: Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.\n\n * CVE-2019-13718: Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.\n\n * CVE-2019-13719: Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.\n\n * CVE-2019-13720: Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-13721: Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-13765: Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-15903: In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2019-11-10"
},
"Updated": {
"Date": "2019-11-10"
},
"BDUs": [
{
"ID": "BDU:2019-03643",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-611",
"Href": "https://bdu.fstec.ru/vul/2019-03643",
"Impact": "High",
"Public": "20190828"
},
{
"ID": "BDU:2019-04421",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-74",
"Href": "https://bdu.fstec.ru/vul/2019-04421",
"Impact": "Low",
"Public": "20190710"
},
{
"ID": "BDU:2019-04422",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://bdu.fstec.ru/vul/2019-04422",
"Impact": "Low",
"Public": "20170831"
},
{
"ID": "BDU:2019-04423",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-863",
"Href": "https://bdu.fstec.ru/vul/2019-04423",
"Impact": "Low",
"Public": "20190919"
},
{
"ID": "BDU:2019-04424",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-922",
"Href": "https://bdu.fstec.ru/vul/2019-04424",
"Impact": "Low",
"Public": "20180503"
},
{
"ID": "BDU:2019-04425",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2019-04425",
"Impact": "Low",
"Public": "20180720"
},
{
"ID": "BDU:2019-04426",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-922",
"Href": "https://bdu.fstec.ru/vul/2019-04426",
"Impact": "Low",
"Public": "20190131"
},
{
"ID": "BDU:2019-04508",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2019-04508",
"Impact": "High",
"Public": "20191031"
},
{
"ID": "BDU:2020-00168",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-00168",
"Impact": "High",
"Public": "20191012"
},
{
"ID": "BDU:2020-01751",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-01751",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01758",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-01758",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01782",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01782",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "BDU:2020-01783",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2020-01783",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "BDU:2020-01784",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://bdu.fstec.ru/vul/2020-01784",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01785",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-269",
"Href": "https://bdu.fstec.ru/vul/2020-01785",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "BDU:2020-01786",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://bdu.fstec.ru/vul/2020-01786",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01787",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://bdu.fstec.ru/vul/2020-01787",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01788",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-01788",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01789",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2020-01789",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "BDU:2020-01790",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-01790",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01791",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://bdu.fstec.ru/vul/2020-01791",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01792",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-290",
"Href": "https://bdu.fstec.ru/vul/2020-01792",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "BDU:2020-01793",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2020-01793",
"Impact": "Low",
"Public": "20191125"
}
],
"CVEs": [
{
"ID": "CVE-2019-13699",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13699",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "CVE-2019-13700",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13700",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "CVE-2019-13701",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13701",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13702",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-269",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13702",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "CVE-2019-13703",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13703",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13704",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13704",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13705",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-269",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13705",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13706",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13706",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "CVE-2019-13707",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13707",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13708",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13708",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13709",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-290",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13709",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13710",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13710",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13711",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13711",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13713",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13713",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13714",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-94",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13714",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13715",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-290",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13715",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13716",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-863",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13716",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13717",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-922",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13717",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13718",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13718",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13719",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-922",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13719",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-13720",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13720",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "CVE-2019-13721",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13721",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "CVE-2019-13765",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13765",
"Impact": "Low",
"Public": "20200103"
},
{
"ID": "CVE-2019-15903",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903",
"Impact": "High",
"Public": "20190904"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20193112001",
"Comment": "chromium is earlier than 0:78.0.3904.97-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193112002",
"Comment": "chromium-gnome is earlier than 0:78.0.3904.97-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193112003",
"Comment": "chromium-kde is earlier than 0:78.0.3904.97-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink