pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/c10f1/ALT-PU-2020-1706/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

1103 lines
58 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20201706",
"Version": "oval:org.altlinux.errata:def:20201706",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-1706: package `chromium` update to version 81.0.4044.92-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-1706",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-1706",
"Source": "ALTPU"
},
{
"RefID": "BDU:2020-01912",
"RefURL": "https://bdu.fstec.ru/vul/2020-01912",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01914",
"RefURL": "https://bdu.fstec.ru/vul/2020-01914",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01915",
"RefURL": "https://bdu.fstec.ru/vul/2020-01915",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01916",
"RefURL": "https://bdu.fstec.ru/vul/2020-01916",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01917",
"RefURL": "https://bdu.fstec.ru/vul/2020-01917",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01918",
"RefURL": "https://bdu.fstec.ru/vul/2020-01918",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01919",
"RefURL": "https://bdu.fstec.ru/vul/2020-01919",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01961",
"RefURL": "https://bdu.fstec.ru/vul/2020-01961",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01962",
"RefURL": "https://bdu.fstec.ru/vul/2020-01962",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03666",
"RefURL": "https://bdu.fstec.ru/vul/2020-03666",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03667",
"RefURL": "https://bdu.fstec.ru/vul/2020-03667",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03668",
"RefURL": "https://bdu.fstec.ru/vul/2020-03668",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03669",
"RefURL": "https://bdu.fstec.ru/vul/2020-03669",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03670",
"RefURL": "https://bdu.fstec.ru/vul/2020-03670",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03674",
"RefURL": "https://bdu.fstec.ru/vul/2020-03674",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03675",
"RefURL": "https://bdu.fstec.ru/vul/2020-03675",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03715",
"RefURL": "https://bdu.fstec.ru/vul/2020-03715",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03716",
"RefURL": "https://bdu.fstec.ru/vul/2020-03716",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03717",
"RefURL": "https://bdu.fstec.ru/vul/2020-03717",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03718",
"RefURL": "https://bdu.fstec.ru/vul/2020-03718",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03719",
"RefURL": "https://bdu.fstec.ru/vul/2020-03719",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03720",
"RefURL": "https://bdu.fstec.ru/vul/2020-03720",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03721",
"RefURL": "https://bdu.fstec.ru/vul/2020-03721",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03722",
"RefURL": "https://bdu.fstec.ru/vul/2020-03722",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03723",
"RefURL": "https://bdu.fstec.ru/vul/2020-03723",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03736",
"RefURL": "https://bdu.fstec.ru/vul/2020-03736",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03737",
"RefURL": "https://bdu.fstec.ru/vul/2020-03737",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03738",
"RefURL": "https://bdu.fstec.ru/vul/2020-03738",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03739",
"RefURL": "https://bdu.fstec.ru/vul/2020-03739",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03740",
"RefURL": "https://bdu.fstec.ru/vul/2020-03740",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03741",
"RefURL": "https://bdu.fstec.ru/vul/2020-03741",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03742",
"RefURL": "https://bdu.fstec.ru/vul/2020-03742",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03743",
"RefURL": "https://bdu.fstec.ru/vul/2020-03743",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04927",
"RefURL": "https://bdu.fstec.ru/vul/2021-04927",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04937",
"RefURL": "https://bdu.fstec.ru/vul/2021-04937",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06414",
"RefURL": "https://bdu.fstec.ru/vul/2021-06414",
"Source": "BDU"
},
{
"RefID": "CVE-2020-6419",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6419",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6422",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6422",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6423",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6423",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6424",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6424",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6425",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6425",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6426",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6426",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6427",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6427",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6428",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6428",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6429",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6429",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6430",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6430",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6431",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6431",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6432",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6432",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6433",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6433",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6434",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6434",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6435",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6435",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6436",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6436",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6437",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6437",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6438",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6438",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6439",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6439",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6440",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6440",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6441",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6441",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6442",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6442",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6443",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6443",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6444",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6444",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6445",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6445",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6446",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6446",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6447",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6447",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6448",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6448",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6449",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6449",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6450",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6450",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6451",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6451",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6452",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6452",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6453",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6453",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6454",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6454",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6455",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6455",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6456",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6456",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6572",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6572",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 81.0.4044.92-alt1. \nSecurity Fix(es):\n\n * BDU:2020-01912: Уязвимость компонента WebAudio браузера Google Chrome, связанная с использованием области памяти после её освобождения, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным, вызвать отказ в обслуживании или оказать воздействие на целостность данных\n\n * BDU:2020-01914: Уязвимость компонента аудио браузера Google Chrome, связанная с использованием памяти после ее освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01915: Уязвимость компонента аудио браузера Google Chrome, связанная с использованием памяти после ее освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01916: Уязвимость компонента аудио браузера Google Chrome, связанная с использованием памяти после ее освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01917: Уязвимость компонента аудио браузера Google Chrome, связанная с использованием памяти после ее освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01918: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-01919: Уязвимость браузера Google Chrome, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность\n\n * BDU:2020-01961: Уязвимость компонента мультимедиа браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01962: Уязвимость браузера Google Chrome, связанная с использованием памяти после ее освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03666: Уязвимость компонента Audio браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03667: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03668: Уязвимость полноэкранного режима браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03669: Уязвимость компонента WebAudio браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-03670: Уязвимость компонента Media браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-03674: Уязвимость пользовательского интерфейса Chromium браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03675: Уязвимость компонента devtools браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03715: Уязвимость пользовательского интерфейса Chromium браузера Google Chrome, связанная с ошибками применения правила в расширениях, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03716: Уязвимость пользовательского интерфейса Chromium браузера Google Chrome, связанная с использованием области памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03717: Уязвимость реализации WebView пользовательского интерфейса Chromium браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03718: Уязвимость расширений браузера Google Chrome, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-03719: Уязвимость пользовательского интерфейса Chromium браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03720: Уязвимость расширений браузера Google Chrome, связанная с недостатком механизма контроля привилегий и средств управления доступом, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-03721: Уязвимость компонента Omnibox браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03722: Уязвимость кэша приложения браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-03723: Уязвимость инструментов разработчика браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03736: Уязвимость модуля WebRTC браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03737: Уязвимость доверенных типов браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03738: Уязвимость доверенных типов браузера Google Chrome, связанная с недостатком механизма стандартных разрешений, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03739: Уязвимость инструментов разработчика браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03740: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03741: Уязвимость расширений браузера Google Chrome, связанная с использованием области памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03742: Уязвимость модуля WebSQL браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03743: Уязвимость браузера Google Chrome, связанная с недостатком механизма стандартных разрешений, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2021-04927: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-04937: Уязвимость компонента Media браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-06414: Уязвимость функции Navigation браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения\n\n * CVE-2020-6419: Out of bounds write in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6422: Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6423: Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6424: Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6425: Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.\n\n * CVE-2020-6426: Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6427: Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6428: Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6429: Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6430: Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6431: Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.\n\n * CVE-2020-6432: Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-6433: Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-6434: Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6435: Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-6436: Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6437: Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.\n\n * CVE-2020-6438: Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.\n\n * CVE-2020-6439: Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.\n\n * CVE-2020-6440: Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.\n\n * CVE-2020-6441: Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.\n\n * CVE-2020-6442: Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2020-6443: Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.\n\n * CVE-2020-6444: Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6445: Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.\n\n * CVE-2020-6446: Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.\n\n * CVE-2020-6447: Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6448: Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6449: Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6450: Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6451: Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6452: Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6453: Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6454: Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n\n * CVE-2020-6455: Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6456: Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.\n\n * CVE-2020-6572: Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-04-11"
},
"Updated": {
"Date": "2020-04-11"
},
"BDUs": [
{
"ID": "BDU:2020-01912",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01912",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-01914",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01914",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "BDU:2020-01915",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01915",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "BDU:2020-01916",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01916",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "BDU:2020-01917",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01917",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "BDU:2020-01918",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2020-01918",
"Impact": "Low",
"Public": "20200323"
},
{
"ID": "BDU:2020-01919",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2020-01919",
"Impact": "Low",
"Public": "20200323"
},
{
"ID": "BDU:2020-01961",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01961",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "BDU:2020-01962",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01962",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "BDU:2020-03666",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03666",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03667",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2020-03667",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03668",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03668",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03669",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03669",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03670",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2020-03670",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03674",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2020-03674",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03675",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03675",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03715",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2020-03715",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03716",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03716",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03717",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-399",
"Href": "https://bdu.fstec.ru/vul/2020-03717",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03718",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-03718",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03719",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03719",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03720",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2020-03720",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03721",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03721",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03722",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://bdu.fstec.ru/vul/2020-03722",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03723",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-345",
"Href": "https://bdu.fstec.ru/vul/2020-03723",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03736",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2020-03736",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03737",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03737",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03738",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03738",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2020-03739",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2020-03739",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03740",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03740",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03741",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03741",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03742",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2020-03742",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03743",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03743",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "BDU:2021-04927",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-04927",
"Impact": "High",
"Public": "20200331"
},
{
"ID": "BDU:2021-04937",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-04937",
"Impact": "High",
"Public": "20200407"
},
{
"ID": "BDU:2021-06414",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-06414",
"Impact": "Low",
"Public": "20200413"
}
],
"CVEs": [
{
"ID": "CVE-2020-6419",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6419",
"Impact": "High",
"Public": "20200603"
},
{
"ID": "CVE-2020-6422",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6422",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "CVE-2020-6423",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6423",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6424",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6424",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "CVE-2020-6425",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6425",
"Impact": "Low",
"Public": "20200323"
},
{
"ID": "CVE-2020-6426",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6426",
"Impact": "Low",
"Public": "20200323"
},
{
"ID": "CVE-2020-6427",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6427",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "CVE-2020-6428",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6428",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "CVE-2020-6429",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6429",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "CVE-2020-6430",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6430",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6431",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6431",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6432",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6432",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6433",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6433",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6434",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6434",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6435",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6435",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6436",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6436",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6437",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6437",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6438",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-209",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6438",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6439",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6439",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6440",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6440",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6441",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6441",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6442",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6442",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6443",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-345",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6443",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6444",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-908",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6444",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6445",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6445",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6446",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6446",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6447",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6447",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6448",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6448",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6449",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6449",
"Impact": "High",
"Public": "20200323"
},
{
"ID": "CVE-2020-6450",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6450",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6451",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6451",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6452",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6452",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6453",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6453",
"Impact": "High",
"Public": "20200603"
},
{
"ID": "CVE-2020-6454",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6454",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6455",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6455",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "CVE-2020-6456",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6456",
"Impact": "Low",
"Public": "20200413"
},
{
"ID": "CVE-2020-6572",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6572",
"Impact": "High",
"Public": "20210114"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20201706001",
"Comment": "chromium is earlier than 0:81.0.4044.92-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201706002",
"Comment": "chromium-gnome is earlier than 0:81.0.4044.92-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201706003",
"Comment": "chromium-kde is earlier than 0:81.0.4044.92-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink