pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2dae4da41e
vuln-list-alt/oval/c10f1/ALT-PU-2020-3081/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

594 lines
29 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20203081",
"Version": "oval:org.altlinux.errata:def:20203081",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-3081: package `w3m` update to version 0.5.3-alt3.git20200502",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-3081",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-3081",
"Source": "ALTPU"
},
{
"RefID": "BDU:2017-00174",
"RefURL": "https://bdu.fstec.ru/vul/2017-00174",
"Source": "BDU"
},
{
"RefID": "CVE-2016-9422",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9422",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9423",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9423",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9424",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9424",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9425",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9425",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9426",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9426",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9428",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9428",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9429",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9429",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9430",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9430",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9431",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9431",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9432",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9432",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9433",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9433",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9434",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9434",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9435",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9435",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9436",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9436",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9437",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9437",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9438",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9438",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9439",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9439",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9440",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9440",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9441",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9441",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9442",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9442",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9443",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9443",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9622",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9622",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9623",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9623",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9624",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9624",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9625",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9625",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9626",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9626",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9627",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9627",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9628",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9628",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9629",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9629",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9630",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9630",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9631",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9631",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9632",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9632",
"Source": "CVE"
},
{
"RefID": "CVE-2016-9633",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9633",
"Source": "CVE"
},
{
"RefID": "CVE-2018-6196",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-6196",
"Source": "CVE"
},
{
"RefID": "CVE-2018-6197",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-6197",
"Source": "CVE"
},
{
"RefID": "CVE-2018-6198",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-6198",
"Source": "CVE"
}
],
"Description": "This update upgrades w3m to version 0.5.3-alt3.git20200502. \nSecurity Fix(es):\n\n * BDU:2017-00174: Уязвимость операционной системы OpenSUSE Leap, позволяющая нарушителю обойти проверку сертификата\n\n * CVE-2016-9422: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arbitrary code via a crafted HTML page.\n\n * CVE-2016-9423: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.\n\n * CVE-2016-9424: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML page.\n\n * CVE-2016-9425: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.\n\n * CVE-2016-9426: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM) and possibly execute arbitrary code due to bdwgc's bug (CVE-2016-9427) via a crafted HTML page.\n\n * CVE-2016-9428: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.\n\n * CVE-2016-9429: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the formUpdateBuffer function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.\n\n * CVE-2016-9430: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9431: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.\n\n * CVE-2016-9432: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (memory corruption, segmentation fault, and crash) via a crafted HTML page.\n\n * CVE-2016-9433: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page.\n\n * CVE-2016-9434: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9435: The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to \u003cdd\u003e tags.\n\n * CVE-2016-9436: parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a \u003ci\u003e tag.\n\n * CVE-2016-9437: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.\n\n * CVE-2016-9438: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9439: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.\n\n * CVE-2016-9440: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9441: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9442: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.\n\n * CVE-2016-9443: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9622: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9623: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9624: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9625: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.\n\n * CVE-2016-9626: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.\n\n * CVE-2016-9627: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.\n\n * CVE-2016-9628: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9629: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9630: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.\n\n * CVE-2016-9631: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.\n\n * CVE-2016-9632: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.\n\n * CVE-2016-9633: An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.\n\n * CVE-2018-6196: w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.\n\n * CVE-2018-6197: w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.\n\n * CVE-2018-6198: w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-10-20"
},
"Updated": {
"Date": "2020-10-20"
},
"BDUs": [
{
"ID": "BDU:2017-00174",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2017-00174",
"Impact": "Low",
"Public": "20170120"
}
],
"CVEs": [
{
"ID": "CVE-2016-9422",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9422",
"Impact": "High",
"Public": "20161212"
},
{
"ID": "CVE-2016-9423",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9423",
"Impact": "High",
"Public": "20161212"
},
{
"ID": "CVE-2016-9424",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9424",
"Impact": "High",
"Public": "20161212"
},
{
"ID": "CVE-2016-9425",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9425",
"Impact": "High",
"Public": "20161212"
},
{
"ID": "CVE-2016-9426",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9426",
"Impact": "High",
"Public": "20161212"
},
{
"ID": "CVE-2016-9428",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9428",
"Impact": "High",
"Public": "20161212"
},
{
"ID": "CVE-2016-9429",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9429",
"Impact": "High",
"Public": "20161212"
},
{
"ID": "CVE-2016-9430",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9430",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9431",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9431",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9432",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9432",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9433",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9433",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9434",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9434",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9435",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9435",
"Impact": "Low",
"Public": "20170120"
},
{
"ID": "CVE-2016-9436",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9436",
"Impact": "Low",
"Public": "20170120"
},
{
"ID": "CVE-2016-9437",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9437",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9438",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9438",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9439",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9439",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9440",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9440",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9441",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9441",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9442",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9442",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9443",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9443",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9622",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9622",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9623",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9623",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9624",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9624",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9625",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9625",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9626",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9626",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9627",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9627",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9628",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9628",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9629",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9629",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9630",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9630",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9631",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9631",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9632",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9632",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2016-9633",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-399",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9633",
"Impact": "Low",
"Public": "20161212"
},
{
"ID": "CVE-2018-6196",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-835",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-6196",
"Impact": "High",
"Public": "20180125"
},
{
"ID": "CVE-2018-6197",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-6197",
"Impact": "High",
"Public": "20180125"
},
{
"ID": "CVE-2018-6198",
"CVSS": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-59",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-6198",
"Impact": "Low",
"Public": "20180125"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20203081001",
"Comment": "w3m is earlier than 0:0.5.3-alt3.git20200502"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20203081002",
"Comment": "w3m-img is earlier than 0:0.5.3-alt3.git20200502"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink