pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p9/ALT-PU-2020-2047/definitions.json
pepelyaevip 0707cb759b ALT Vulnerability
2024-04-16 14:26:14 +00:00

875 lines
44 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20202047",
"Version": "oval:org.altlinux.errata:def:20202047",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-2047: package `chromium` update to version 83.0.4103.61-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-2047",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-2047",
"Source": "ALTPU"
},
{
"RefID": "BDU:2020-02263",
"RefURL": "https://bdu.fstec.ru/vul/2020-02263",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03671",
"RefURL": "https://bdu.fstec.ru/vul/2020-03671",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03750",
"RefURL": "https://bdu.fstec.ru/vul/2020-03750",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03751",
"RefURL": "https://bdu.fstec.ru/vul/2020-03751",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03752",
"RefURL": "https://bdu.fstec.ru/vul/2020-03752",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03753",
"RefURL": "https://bdu.fstec.ru/vul/2020-03753",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03754",
"RefURL": "https://bdu.fstec.ru/vul/2020-03754",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03755",
"RefURL": "https://bdu.fstec.ru/vul/2020-03755",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03756",
"RefURL": "https://bdu.fstec.ru/vul/2020-03756",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03757",
"RefURL": "https://bdu.fstec.ru/vul/2020-03757",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03811",
"RefURL": "https://bdu.fstec.ru/vul/2020-03811",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03832",
"RefURL": "https://bdu.fstec.ru/vul/2020-03832",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03833",
"RefURL": "https://bdu.fstec.ru/vul/2020-03833",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03834",
"RefURL": "https://bdu.fstec.ru/vul/2020-03834",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03835",
"RefURL": "https://bdu.fstec.ru/vul/2020-03835",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03836",
"RefURL": "https://bdu.fstec.ru/vul/2020-03836",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03837",
"RefURL": "https://bdu.fstec.ru/vul/2020-03837",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03839",
"RefURL": "https://bdu.fstec.ru/vul/2020-03839",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03840",
"RefURL": "https://bdu.fstec.ru/vul/2020-03840",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03841",
"RefURL": "https://bdu.fstec.ru/vul/2020-03841",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03842",
"RefURL": "https://bdu.fstec.ru/vul/2020-03842",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03843",
"RefURL": "https://bdu.fstec.ru/vul/2020-03843",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03844",
"RefURL": "https://bdu.fstec.ru/vul/2020-03844",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03845",
"RefURL": "https://bdu.fstec.ru/vul/2020-03845",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03846",
"RefURL": "https://bdu.fstec.ru/vul/2020-03846",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03847",
"RefURL": "https://bdu.fstec.ru/vul/2020-03847",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03848",
"RefURL": "https://bdu.fstec.ru/vul/2020-03848",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01136",
"RefURL": "https://bdu.fstec.ru/vul/2021-01136",
"Source": "BDU"
},
{
"RefID": "CVE-2020-6465",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6465",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6466",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6466",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6467",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6467",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6468",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6468",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6469",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6469",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6470",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6470",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6471",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6471",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6472",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6472",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6473",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6473",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6474",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6474",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6475",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6475",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6476",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6476",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6477",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6477",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6478",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6478",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6479",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6479",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6480",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6480",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6481",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6481",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6482",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6482",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6483",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6483",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6484",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6484",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6485",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6485",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6486",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6486",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6487",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6487",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6488",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6488",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6489",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6489",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6490",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6490",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6491",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6491",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 83.0.4103.61-alt1. \nSecurity Fix(es):\n\n * BDU:2020-02263: Уязвимость браузера Google Chrome, связанная с использованием области памяти после её освобождения, позволяющая нарушителю осуществить выход из изолированной программной среды\n\n * BDU:2020-03671: Уязвимость установщика браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03750: Уязвимость компонента Media браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03751: Уязвимость реализации технологии WebRTC браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03752: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03753: Уязвимость инструментов разработчика браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03754: Уязвимость буфера обмена браузера Google Chrome, связанная с недостатками используемых мер по защите структур веб-страницы, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03755: Уязвимость инструментов разработчика браузера Google Chrome , позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03756: Уязвимость инструментов разработчика браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-03757: Уязвимость механизма отображения веб-страниц Blink браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-03811: Уязвимость модуля отображения Blink браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03832: Уязвимость полноэкранного режима браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03833: Уязвимость модуля TabStrip браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03834: Уязвимость полноэкранного режима браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03835: Уязвимость механизма общего доступа браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03836: Уязвимость пользовательского интерфейса браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03837: Уязвимость механизма форматирования URL-адресов браузера Google Chrome, связанная с ошибкой механизма управления ресурсами системы, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03839: Уязвимость инструментов разработчика браузера Google Chrome, связанная с недостатком механизма стандартных разрешений, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03840: Уязвимость механизма онлайн оплаты браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03841: Уязвимость компонента ChromeDriver браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03842: Уязвимость навигационной системы браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03843: Уязвимость компонента media router браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03844: Уязвимость политики загрузок браузера Google Chrome, связанная с недостатком механизма стандартных разрешений, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03845: Уязвимость политики загрузок браузера Google Chrome, связанная с недостатком механизма стандартных разрешений, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03846: Уязвимость инструментов разработчика браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-03847: Уязвимость загрузчика браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-03848: Уязвимость пользовательского интерфейса браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2021-01136: Уязвимость полноэкранного режима веб-браузера Google Chrome, позволяющая нарушителю проводить межсайтовые сценарные атаки\n\n * CVE-2020-6465: Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-6466: Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-6467: Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6468: Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6469: Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.\n\n * CVE-2020-6470: Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents.\n\n * CVE-2020-6471: Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.\n\n * CVE-2020-6472: Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension.\n\n * CVE-2020-6473: Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\n\n * CVE-2020-6474: Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6475: Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.\n\n * CVE-2020-6476: Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.\n\n * CVE-2020-6477: Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file.\n\n * CVE-2020-6478: Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.\n\n * CVE-2020-6479: Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.\n\n * CVE-2020-6480: Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions.\n\n * CVE-2020-6481: Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name.\n\n * CVE-2020-6482: Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.\n\n * CVE-2020-6483: Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-6484: Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request.\n\n * CVE-2020-6485: Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-6486: Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-6487: Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-6488: Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-6489: Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.\n\n * CVE-2020-6490: Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.\n\n * CVE-2020-6491: Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-05-29"
},
"Updated": {
"Date": "2020-05-29"
},
"BDUs": [
{
"ID": "BDU:2020-02263",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-02263",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "BDU:2020-03671",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-269",
"Href": "https://bdu.fstec.ru/vul/2020-03671",
"Impact": "High",
"Public": "20200413"
},
{
"ID": "BDU:2020-03750",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03750",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "BDU:2020-03751",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03751",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "BDU:2020-03752",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2020-03752",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "BDU:2020-03753",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03753",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "BDU:2020-03754",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://bdu.fstec.ru/vul/2020-03754",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03755",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03755",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "BDU:2020-03756",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-03756",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03757",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-03757",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03811",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-03811",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "BDU:2020-03832",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-399",
"Href": "https://bdu.fstec.ru/vul/2020-03832",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03833",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03833",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03834",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-399",
"Href": "https://bdu.fstec.ru/vul/2020-03834",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03835",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-399",
"Href": "https://bdu.fstec.ru/vul/2020-03835",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03836",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03836",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03837",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-399",
"Href": "https://bdu.fstec.ru/vul/2020-03837",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03839",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03839",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03840",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03840",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03841",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03841",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03842",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-399",
"Href": "https://bdu.fstec.ru/vul/2020-03842",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03843",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2020-03843",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03844",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03844",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03845",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2020-03845",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03846",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-03846",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03847",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://bdu.fstec.ru/vul/2020-03847",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2020-03848",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2020-03848",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "BDU:2021-01136",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-79",
"Href": "https://bdu.fstec.ru/vul/2021-01136",
"Impact": "Low",
"Public": "20191224"
}
],
"CVEs": [
{
"ID": "CVE-2020-6465",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6465",
"Impact": "Critical",
"Public": "20200521"
},
{
"ID": "CVE-2020-6466",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6466",
"Impact": "Critical",
"Public": "20200521"
},
{
"ID": "CVE-2020-6467",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6467",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "CVE-2020-6468",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6468",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "CVE-2020-6469",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6469",
"Impact": "Critical",
"Public": "20200521"
},
{
"ID": "CVE-2020-6470",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6470",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6471",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6471",
"Impact": "Critical",
"Public": "20200521"
},
{
"ID": "CVE-2020-6472",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6472",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6473",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-203",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6473",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6474",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6474",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "CVE-2020-6475",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6475",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6476",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6476",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6477",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-59",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6477",
"Impact": "High",
"Public": "20200521"
},
{
"ID": "CVE-2020-6478",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6478",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6479",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6479",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6480",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6480",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6481",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6481",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6482",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6482",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6483",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6483",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6484",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6484",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6485",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6485",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6486",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6486",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6487",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6487",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6488",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6488",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6489",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6489",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6490",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6490",
"Impact": "Low",
"Public": "20200521"
},
{
"ID": "CVE-2020-6491",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6491",
"Impact": "Low",
"Public": "20200521"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20202047001",
"Comment": "chromium is earlier than 0:83.0.4103.61-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20202047002",
"Comment": "chromium-gnome is earlier than 0:83.0.4103.61-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20202047003",
"Comment": "chromium-kde is earlier than 0:83.0.4103.61-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink