pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p11/ALT-PU-2021-1228/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

513 lines
26 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20211228",
"Version": "oval:org.altlinux.errata:def:20211228",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-1228: package `faad` update to version 2.10.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-1228",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-1228",
"Source": "ALTPU"
},
{
"RefID": "BDU:2018-00113",
"RefURL": "https://bdu.fstec.ru/vul/2018-00113",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00419",
"RefURL": "https://bdu.fstec.ru/vul/2019-00419",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04177",
"RefURL": "https://bdu.fstec.ru/vul/2019-04177",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04178",
"RefURL": "https://bdu.fstec.ru/vul/2019-04178",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04179",
"RefURL": "https://bdu.fstec.ru/vul/2019-04179",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04180",
"RefURL": "https://bdu.fstec.ru/vul/2019-04180",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04181",
"RefURL": "https://bdu.fstec.ru/vul/2019-04181",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04564",
"RefURL": "https://bdu.fstec.ru/vul/2019-04564",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04565",
"RefURL": "https://bdu.fstec.ru/vul/2019-04565",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04566",
"RefURL": "https://bdu.fstec.ru/vul/2019-04566",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04567",
"RefURL": "https://bdu.fstec.ru/vul/2019-04567",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04568",
"RefURL": "https://bdu.fstec.ru/vul/2019-04568",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01810",
"RefURL": "https://bdu.fstec.ru/vul/2022-01810",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05696",
"RefURL": "https://bdu.fstec.ru/vul/2022-05696",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05764",
"RefURL": "https://bdu.fstec.ru/vul/2022-05764",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05765",
"RefURL": "https://bdu.fstec.ru/vul/2022-05765",
"Source": "BDU"
},
{
"RefID": "CVE-2017-9218",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9218",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9219",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9219",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9220",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9220",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9221",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9221",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9222",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9222",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9223",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9223",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9253",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9253",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9254",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9254",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9255",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9255",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9256",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9256",
"Source": "CVE"
},
{
"RefID": "CVE-2017-9257",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-9257",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20199",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20199",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20360",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20360",
"Source": "CVE"
},
{
"RefID": "CVE-2019-6956",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-6956",
"Source": "CVE"
},
{
"RefID": "CVE-2021-32272",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-32272",
"Source": "CVE"
}
],
"Description": "This update upgrades faad to version 2.10.0-alt1. \nSecurity Fix(es):\n\n * BDU:2018-00113: Уязвимость функции mp4ff_read_ctts декодера аудио-файлов Freeware Advanced Audio Decoder 2, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-00419: Уязвимость функции mp4ff_read_stts набора программного обеспечения для работы с аудиофайлами Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04177: Уязвимость функции mp4ff_read_stsd (common/mp4ff/mp4atom.c) аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04178: Уязвимость функции mp4ff_read_stsc (common/mp4ff/mp4atom.c) аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04179: Уязвимость функции mp4ff_read_stco (common/mp4ff/mp4atom.c) аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04180: Уязвимость функции mp4ff_read_mdhd (common/mp4ff/mp4atom.c) аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04181: Уязвимость функции mp4ff_read_stts (common/mp4ff/mp4atom.c) аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04564: Уязвимость функции mp4ff_parse_tag программного обеспечения для работы с аудиофайлами Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04565: Уязвимость функции mp4ff_read_stsd программного обеспечения для работы с аудиофайлами Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04566: Уязвимость функции mp4ff_read_stsc программного обеспечения для работы с аудиофайлами Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04567: Уязвимость функции mp4ff_read_stco программного обеспечения для работы с аудиофайлами Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04568: Уязвимость функции mp4ff_read_stco программного обеспечения для работы с аудиофайлами Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01810: Уязвимость функции stszin компонента mp4read.c аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-05696: Уязвимость функции ifilter_bank компонента libfaad/filtbank.c аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-05764: Уязвимость функции ps_mix_phase компонента libfaad/ps_dec.c аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании\n\n * BDU:2022-05765: Уязвимость функции sbr_process_channel компонента libfaad/sbr_dec.c аудио декодера Freeware Advanced Audio Decoder 2 (FAAD2), позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2017-9218: The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.\n\n * CVE-2017-9219: The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted mp4 file.\n\n * CVE-2017-9220: The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file.\n\n * CVE-2017-9221: The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.\n\n * CVE-2017-9222: The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.\n\n * CVE-2017-9223: The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.\n\n * CVE-2017-9253: The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.\n\n * CVE-2017-9254: The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.\n\n * CVE-2017-9255: The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.\n\n * CVE-2017-9256: The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.\n\n * CVE-2017-9257: The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.\n\n * CVE-2018-20199: A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case.\n\n * CVE-2018-20360: An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.\n\n * CVE-2019-6956: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.\n\n * CVE-2021-32272: An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-02-06"
},
"Updated": {
"Date": "2024-04-04"
},
"BDUs": [
{
"ID": "BDU:2018-00113",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-399",
"Href": "https://bdu.fstec.ru/vul/2018-00113",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-00419",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-399",
"Href": "https://bdu.fstec.ru/vul/2019-00419",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04177",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-04177",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04178",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-04178",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04179",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-04179",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04180",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-04180",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04181",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-04181",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04564",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-835",
"Href": "https://bdu.fstec.ru/vul/2019-04564",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04565",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-835",
"Href": "https://bdu.fstec.ru/vul/2019-04565",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04566",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-834",
"Href": "https://bdu.fstec.ru/vul/2019-04566",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04567",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-834",
"Href": "https://bdu.fstec.ru/vul/2019-04567",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2019-04568",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-834",
"Href": "https://bdu.fstec.ru/vul/2019-04568",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "BDU:2022-01810",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-01810",
"Impact": "High",
"Public": "20210920"
},
{
"ID": "BDU:2022-05696",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-05696",
"Impact": "Low",
"Public": "20181217"
},
{
"ID": "BDU:2022-05764",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2022-05764",
"Impact": "High",
"Public": "20181123"
},
{
"ID": "BDU:2022-05765",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2022-05765",
"Impact": "Low",
"Public": "20181217"
}
],
"CVEs": [
{
"ID": "CVE-2017-9218",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9218",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9219",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9219",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9220",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9220",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9221",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9221",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9222",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-835",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9222",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9223",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9223",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9253",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-834",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9253",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9254",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-834",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9254",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9255",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-834",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9255",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9256",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-834",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9256",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2017-9257",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-834",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-9257",
"Impact": "Low",
"Public": "20170627"
},
{
"ID": "CVE-2018-20199",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20199",
"Impact": "Low",
"Public": "20181218"
},
{
"ID": "CVE-2018-20360",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20360",
"Impact": "Low",
"Public": "20181222"
},
{
"ID": "CVE-2019-6956",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-6956",
"Impact": "High",
"Public": "20190125"
},
{
"ID": "CVE-2021-32272",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-32272",
"Impact": "High",
"Public": "20210920"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20211228001",
"Comment": "faad is earlier than 0:2.10.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211228002",
"Comment": "libfaad-devel is earlier than 0:2.10.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211228003",
"Comment": "libfaad2 is earlier than 0:2.10.0-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink