pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p10/ALT-PU-2021-1460/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

1115 lines
58 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20211460",
"Version": "oval:org.altlinux.errata:def:20211460",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-1460: package `chromium` update to version 89.0.4389.82-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-1460",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-1460",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-00850",
"RefURL": "https://bdu.fstec.ru/vul/2021-00850",
"Source": "BDU"
},
{
"RefID": "BDU:2021-00852",
"RefURL": "https://bdu.fstec.ru/vul/2021-00852",
"Source": "BDU"
},
{
"RefID": "BDU:2021-00855",
"RefURL": "https://bdu.fstec.ru/vul/2021-00855",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01217",
"RefURL": "https://bdu.fstec.ru/vul/2021-01217",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01219",
"RefURL": "https://bdu.fstec.ru/vul/2021-01219",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01220",
"RefURL": "https://bdu.fstec.ru/vul/2021-01220",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01221",
"RefURL": "https://bdu.fstec.ru/vul/2021-01221",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01222",
"RefURL": "https://bdu.fstec.ru/vul/2021-01222",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01223",
"RefURL": "https://bdu.fstec.ru/vul/2021-01223",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01225",
"RefURL": "https://bdu.fstec.ru/vul/2021-01225",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01236",
"RefURL": "https://bdu.fstec.ru/vul/2021-01236",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01252",
"RefURL": "https://bdu.fstec.ru/vul/2021-01252",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01253",
"RefURL": "https://bdu.fstec.ru/vul/2021-01253",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01254",
"RefURL": "https://bdu.fstec.ru/vul/2021-01254",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01255",
"RefURL": "https://bdu.fstec.ru/vul/2021-01255",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01256",
"RefURL": "https://bdu.fstec.ru/vul/2021-01256",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01257",
"RefURL": "https://bdu.fstec.ru/vul/2021-01257",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01258",
"RefURL": "https://bdu.fstec.ru/vul/2021-01258",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01259",
"RefURL": "https://bdu.fstec.ru/vul/2021-01259",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01260",
"RefURL": "https://bdu.fstec.ru/vul/2021-01260",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01262",
"RefURL": "https://bdu.fstec.ru/vul/2021-01262",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03642",
"RefURL": "https://bdu.fstec.ru/vul/2021-03642",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03643",
"RefURL": "https://bdu.fstec.ru/vul/2021-03643",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03644",
"RefURL": "https://bdu.fstec.ru/vul/2021-03644",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03645",
"RefURL": "https://bdu.fstec.ru/vul/2021-03645",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03646",
"RefURL": "https://bdu.fstec.ru/vul/2021-03646",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03647",
"RefURL": "https://bdu.fstec.ru/vul/2021-03647",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03648",
"RefURL": "https://bdu.fstec.ru/vul/2021-03648",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03649",
"RefURL": "https://bdu.fstec.ru/vul/2021-03649",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03650",
"RefURL": "https://bdu.fstec.ru/vul/2021-03650",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03655",
"RefURL": "https://bdu.fstec.ru/vul/2021-03655",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03656",
"RefURL": "https://bdu.fstec.ru/vul/2021-03656",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03657",
"RefURL": "https://bdu.fstec.ru/vul/2021-03657",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03658",
"RefURL": "https://bdu.fstec.ru/vul/2021-03658",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04129",
"RefURL": "https://bdu.fstec.ru/vul/2021-04129",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06084",
"RefURL": "https://bdu.fstec.ru/vul/2021-06084",
"Source": "BDU"
},
{
"RefID": "CVE-2020-27844",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-27844",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21151",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21151",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21154",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21154",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21156",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21156",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21159",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21159",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21160",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21160",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21161",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21161",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21162",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21162",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21163",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21163",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21164",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21164",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21165",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21165",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21166",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21166",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21167",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21167",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21168",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21168",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21169",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21169",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21170",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21170",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21171",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21171",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21172",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21172",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21173",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21173",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21174",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21174",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21175",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21175",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21176",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21176",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21177",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21177",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21178",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21178",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21179",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21179",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21180",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21180",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21181",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21181",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21182",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21182",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21183",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21183",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21184",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21184",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21185",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21185",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21186",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21186",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21187",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21187",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21188",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21188",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21189",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21189",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21190",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21190",
"Source": "CVE"
},
{
"RefID": "CVE-2021-21200",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21200",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 89.0.4389.82-alt1. \nSecurity Fix(es):\n\n * BDU:2021-00850: Уязвимость обработчика JavaScript-сценариев V8 веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-00852: Уязвимость процесса GPU Process веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-00855: Уязвимость компонента Payments веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-01217: Уязвимость функции TabStrip браузера Google Chrome, связанная с ошибками криптографических преобразований, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-01219: Уязвимость интерфейса File System API браузера Google Chrome, связанная с ошибками разграничения доступа, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации\n\n * BDU:2021-01220: Уязвимость интерфейса Network Internals браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-01221: Уязвимость реализации протокола HTTP браузера Google Chrome, связанная с неправильно реализованной проверкой безопасности для стандартных элементов, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации\n\n * BDU:2021-01222: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации\n\n * BDU:2021-01223: Уязвимость режима чтения браузера Google Chrome, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-01225: Уязвимость компонента WebAudio браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-01236: Уязвимость библиотеки для кодирования и декодирования изображений OpenJPEG, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-01252: Уязвимость элемента управления пользовательской формы TabStrip веб-браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-01253: Уязвимость расширения WebRTC веб-браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-01254: Уязвимость элемента управления пользовательской формы TabStrip веб-браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-01255: Уязвимость браузера Google Chrome, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-01256: Уязвимость компонента Audio браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-01257: Уязвимость компонента Audio браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-01258: Уязвимость компонента Bookmarks браузера Google Chrome, позволяющая нарушителю получить выполнить произвольный код\n\n * BDU:2021-01259: Уязвимость кэша приложения браузера Google Chrome, связанная с ошибками разграничения доступа, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-01260: Уязвимость пользовательского интерфейса браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-01262: Уязвимость функции изоляции сайтов браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации\n\n * BDU:2021-03642: Уязвимость расширений браузера Google Chrome, связанная с ошибками в настройках безопасности, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2021-03643: Уязвимость компонента URL браузера Google Chrome, связанная с ошибками в настройках безопасности, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2021-03644: Уязвимость механизма отображения веб-страниц Blink браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании\n\n * BDU:2021-03645: Уязвимость функции Платежи браузера Google Chrome, связанная с недостатками процедуры аутентификации, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2021-03646: Уязвимость компонента PDFium браузера Google Chrome, связанная с использованием неинициализированного ресурса, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании\n\n * BDU:2021-03647: Уязвимость компонента автодополнения Autofill браузера Google Chrome, связанная с недостатками процедуры аутентификации, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2021-03648: Уязвимость строки URL браузера Google Chrome, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2021-03649: Уязвимость компонента Network Internals браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании\n\n * BDU:2021-03650: Уязвимость функции поиска браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании\n\n * BDU:2021-03655: Уязвимость полноэкранного режима браузера Google Chrome, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2021-03656: Уязвимость компонента автодополнения Autofill браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2021-03657: Уязвимость навигации браузера Google Chrome, связанная с неправильной авторизацией, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2021-03658: Уязвимость API браузера Google Chrome, связанная с недостатками механизмов ограничения домена (Same Origin Policy), позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2021-04129: Уязвимость API браузера Google Chrome, связанная с недостатками механизмов ограничения домена (Same Origin Policy), позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2021-06084: Уязвимость функции QR-сканера браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа\n\n * CVE-2020-27844: A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.\n\n * CVE-2021-21151: Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2021-21154: Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2021-21156: Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.\n\n * CVE-2021-21159: Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21160: Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21161: Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21162: Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21163: Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.\n\n * CVE-2021-21164: Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-21165: Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21166: Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21167: Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21168: Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\n\n * CVE-2021-21169: Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.\n\n * CVE-2021-21170: Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2021-21171: Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2021-21172: Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.\n\n * CVE-2021-21173: Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-21174: Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2021-21175: Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-21176: Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2021-21177: Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\n\n * CVE-2021-21178: Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2021-21179: Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21180: Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21181: Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\n\n * CVE-2021-21182: Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2021-21183: Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-21184: Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-21185: Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.\n\n * CVE-2021-21186: Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code.\n\n * CVE-2021-21187: Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.\n\n * CVE-2021-21188: Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-21189: Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2021-21190: Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.\n\n * CVE-2021-21200: Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chrome security severity: Low)",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-03-11"
},
"Updated": {
"Date": "2021-03-11"
},
"BDUs": [
{
"ID": "BDU:2021-00850",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CWE": "CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-00850",
"Impact": "Low",
"Public": "20210222"
},
{
"ID": "BDU:2021-00852",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CWE": "CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-00852",
"Impact": "Low",
"Public": "20210222"
},
{
"ID": "BDU:2021-00855",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-00855",
"Impact": "Low",
"Public": "20210222"
},
{
"ID": "BDU:2021-01217",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-451",
"Href": "https://bdu.fstec.ru/vul/2021-01217",
"Impact": "Low",
"Public": "20210302"
},
{
"ID": "BDU:2021-01219",
"CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-01219",
"Impact": "Low",
"Public": "20210302"
},
{
"ID": "BDU:2021-01220",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2021-01220",
"Impact": "Low",
"Public": "20201211"
},
{
"ID": "BDU:2021-01221",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-01221",
"Impact": "High",
"Public": "20201211"
},
{
"ID": "BDU:2021-01222",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2021-01222",
"Impact": "High",
"Public": "20210113"
},
{
"ID": "BDU:2021-01223",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-01223",
"Impact": "High",
"Public": "20210302"
},
{
"ID": "BDU:2021-01225",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-01225",
"Impact": "High",
"Public": "20210125"
},
{
"ID": "BDU:2021-01236",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20, CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-01236",
"Impact": "High",
"Public": "20201214"
},
{
"ID": "BDU:2021-01252",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-01252",
"Impact": "High",
"Public": "20210127"
},
{
"ID": "BDU:2021-01253",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-01253",
"Impact": "High",
"Public": "20210129"
},
{
"ID": "BDU:2021-01254",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-01254",
"Impact": "High",
"Public": "20210129"
},
{
"ID": "BDU:2021-01255",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-01255",
"Impact": "High",
"Public": "20210302"
},
{
"ID": "BDU:2021-01256",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-119, CWE-362",
"Href": "https://bdu.fstec.ru/vul/2021-01256",
"Impact": "High",
"Public": "20210204"
},
{
"ID": "BDU:2021-01257",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119, CWE-362",
"Href": "https://bdu.fstec.ru/vul/2021-01257",
"Impact": "High",
"Public": "20210211"
},
{
"ID": "BDU:2021-01258",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-01258",
"Impact": "High",
"Public": "20201222"
},
{
"ID": "BDU:2021-01259",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-01259",
"Impact": "Low",
"Public": "20201124"
},
{
"ID": "BDU:2021-01260",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-451",
"Href": "https://bdu.fstec.ru/vul/2021-01260",
"Impact": "Low",
"Public": "20200731"
},
{
"ID": "BDU:2021-01262",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-346, CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-01262",
"Impact": "Low",
"Public": "20201107"
},
{
"ID": "BDU:2021-03642",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-254",
"Href": "https://bdu.fstec.ru/vul/2021-03642",
"Impact": "Low",
"Public": "20200630"
},
{
"ID": "BDU:2021-03643",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-254",
"Href": "https://bdu.fstec.ru/vul/2021-03643",
"Impact": "Low",
"Public": "20201204"
},
{
"ID": "BDU:2021-03644",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03644",
"Impact": "High",
"Public": "20201224"
},
{
"ID": "BDU:2021-03645",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-287",
"Href": "https://bdu.fstec.ru/vul/2021-03645",
"Impact": "Low",
"Public": "20210111"
},
{
"ID": "BDU:2021-03646",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-908",
"Href": "https://bdu.fstec.ru/vul/2021-03646",
"Impact": "High",
"Public": "20210113"
},
{
"ID": "BDU:2021-03647",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-287",
"Href": "https://bdu.fstec.ru/vul/2021-03647",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "BDU:2021-03648",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-03648",
"Impact": "Low",
"Public": "20210203"
},
{
"ID": "BDU:2021-03649",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03649",
"Impact": "High",
"Public": "20210205"
},
{
"ID": "BDU:2021-03650",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03650",
"Impact": "High",
"Public": "20210207"
},
{
"ID": "BDU:2021-03655",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-03655",
"Impact": "Low",
"Public": "20210126"
},
{
"ID": "BDU:2021-03656",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03656",
"Impact": "Low",
"Public": "20210226"
},
{
"ID": "BDU:2021-03657",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-863",
"Href": "https://bdu.fstec.ru/vul/2021-03657",
"Impact": "Low",
"Public": "20200205"
},
{
"ID": "BDU:2021-03658",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-346",
"Href": "https://bdu.fstec.ru/vul/2021-03658",
"Impact": "Low",
"Public": "20200715"
},
{
"ID": "BDU:2021-04129",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-346",
"Href": "https://bdu.fstec.ru/vul/2021-04129",
"Impact": "Low",
"Public": "20200924"
},
{
"ID": "BDU:2021-06084",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-863",
"Href": "https://bdu.fstec.ru/vul/2021-06084",
"Impact": "Low",
"Public": "20210309"
}
],
"CVEs": [
{
"ID": "CVE-2020-27844",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-27844",
"Impact": "High",
"Public": "20210105"
},
{
"ID": "CVE-2021-21151",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21151",
"Impact": "Critical",
"Public": "20210222"
},
{
"ID": "CVE-2021-21154",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21154",
"Impact": "Critical",
"Public": "20210222"
},
{
"ID": "CVE-2021-21156",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21156",
"Impact": "High",
"Public": "20210222"
},
{
"ID": "CVE-2021-21159",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21159",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21160",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21160",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21161",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21161",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21162",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21162",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21163",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-346",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21163",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21164",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-346",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21164",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21165",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21165",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21166",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21166",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21167",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21167",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21168",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21168",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21169",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21169",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21170",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21170",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21171",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21171",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21172",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21172",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21173",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-203",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21173",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21174",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21174",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21175",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-346",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21175",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21176",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21176",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21177",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-732",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21177",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21178",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21178",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21179",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21179",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21180",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21180",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21181",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-203",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21181",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21182",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-863",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21182",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21183",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-346",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21183",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21184",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-346",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21184",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21185",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21185",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21186",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-863",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21186",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21187",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21187",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21188",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21188",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21189",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21189",
"Impact": "Low",
"Public": "20210309"
},
{
"ID": "CVE-2021-21190",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-908",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21190",
"Impact": "High",
"Public": "20210309"
},
{
"ID": "CVE-2021-21200",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-21200",
"Impact": "Low",
"Public": "20230102"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20211460001",
"Comment": "chromium is earlier than 0:89.0.4389.82-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink