pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
43c7060749
vuln-list-alt/oval/p11/ALT-PU-2017-1150/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

650 lines
31 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20171150",
"Version": "oval:org.altlinux.errata:def:20171150",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2017-1150: package `chromium` update to version 56.0.2924.87-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2017-1150",
"RefURL": "https://errata.altlinux.org/ALT-PU-2017-1150",
"Source": "ALTPU"
},
{
"RefID": "BDU:2017-00376",
"RefURL": "https://bdu.fstec.ru/vul/2017-00376",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00377",
"RefURL": "https://bdu.fstec.ru/vul/2017-00377",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00378",
"RefURL": "https://bdu.fstec.ru/vul/2017-00378",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00379",
"RefURL": "https://bdu.fstec.ru/vul/2017-00379",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00380",
"RefURL": "https://bdu.fstec.ru/vul/2017-00380",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00381",
"RefURL": "https://bdu.fstec.ru/vul/2017-00381",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00382",
"RefURL": "https://bdu.fstec.ru/vul/2017-00382",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00383",
"RefURL": "https://bdu.fstec.ru/vul/2017-00383",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00384",
"RefURL": "https://bdu.fstec.ru/vul/2017-00384",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00385",
"RefURL": "https://bdu.fstec.ru/vul/2017-00385",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00386",
"RefURL": "https://bdu.fstec.ru/vul/2017-00386",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00387",
"RefURL": "https://bdu.fstec.ru/vul/2017-00387",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00388",
"RefURL": "https://bdu.fstec.ru/vul/2017-00388",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00389",
"RefURL": "https://bdu.fstec.ru/vul/2017-00389",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00390",
"RefURL": "https://bdu.fstec.ru/vul/2017-00390",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00391",
"RefURL": "https://bdu.fstec.ru/vul/2017-00391",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00392",
"RefURL": "https://bdu.fstec.ru/vul/2017-00392",
"Source": "BDU"
},
{
"RefID": "BDU:2017-00393",
"RefURL": "https://bdu.fstec.ru/vul/2017-00393",
"Source": "BDU"
},
{
"RefID": "CVE-2017-1000460",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000460",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5006",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5006",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5007",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5007",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5008",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5008",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5009",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5009",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5010",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5010",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5011",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5011",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5012",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5012",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5013",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5013",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5014",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5014",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5015",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5015",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5016",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5016",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5017",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5017",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5018",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5018",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5019",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5019",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5020",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5020",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5021",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5021",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5022",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5022",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5023",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5023",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5024",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5024",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5025",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5025",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5026",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5026",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5027",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5027",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5028",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5028",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 56.0.2924.87-alt1. \nSecurity Fix(es):\n\n * BDU:2017-00376: Уязвимость браузера Google Chrome, позволяющая нарушителю обойти политику безопасности контента\n\n * BDU:2017-00377: Уязвимость браузера Google Chrome, позволяющая нарушителю просматривать оповещения\n\n * BDU:2017-00378: Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00379: Уязвимость браузера Google Chrome, позволяющая нарушителю получить доступ к локальным файлам\n\n * BDU:2017-00380: Уязвимость браузера Google Chrome, позволяющая нарушителю обойти политику безопасности контента\n\n * BDU:2017-00381: Уязвимость браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2017-00382: Уязвимость браузера Google Chrome, позволяющая нарушителю получить доступ к защищаемой информации\n\n * BDU:2017-00383: Уязвимость браузера Google Chrome, позволяющая нарушителю просматривать некоторые элементы пользовательского интерфейса\n\n * BDU:2017-00384: Уязвимость браузера Google Chrome, позволяющая нарушителю выполнить подмену домена\n\n * BDU:2017-00385: Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00386: Уязвимость браузера Google Chrome, позволяющая нарушителю подменить содержимое в Omnibox (URL bar)\n\n * BDU:2017-00387: Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00388: Уязвимость браузера Google Chrome, позволяющая нарушителю установить вредоносное расширение\n\n * BDU:2017-00389: Уязвимость браузера Google Chrome, позволяющая нарушителю внедрить произвольный скрипт\n\n * BDU:2017-00390: Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00391: Уязвимость браузера Google Chrome, позволяющая нарушителю внедрить произвольный скрипт\n\n * BDU:2017-00392: Уязвимость браузера Google Chrome, позволяющая нарушителю внедрить произвольный скрипт\n\n * BDU:2017-00393: Уязвимость компонента Blink браузера Google Chrome, позволяющая нарушителю внедрить произвольный скрипт\n\n * CVE-2017-1000460: In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(\u0026gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.\n\n * CVE-2017-5006: Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled object owner relationships, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.\n\n * CVE-2017-5007: Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled the sequence of events when closing a page, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.\n\n * CVE-2017-5008: Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.\n\n * CVE-2017-5009: WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2017-5010: Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, resolved promises in an inappropriate context, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.\n\n * CVE-2017-5011: Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem contents via a crafted HTML page.\n\n * CVE-2017-5012: A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2017-5013: Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new tab page navigations in non-selected tabs, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2017-5014: Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.\n\n * CVE-2017-5015: Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.\n\n * CVE-2017-5016: Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page.\n\n * CVE-2017-5017: Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML page.\n\n * CVE-2017-5018: Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.\n\n * CVE-2017-5019: A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2017-5020: Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to require a user gesture for powerful download operations, which allowed a remote attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted HTML page.\n\n * CVE-2017-5021: A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.\n\n * CVE-2017-5022: Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML page.\n\n * CVE-2017-5023: Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page.\n\n * CVE-2017-5024: FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.\n\n * CVE-2017-5025: FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.\n\n * CVE-2017-5026: Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page.\n\n * CVE-2017-5027: Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML page.\n\n * CVE-2017-5028: Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2017-02-09"
},
"Updated": {
"Date": "2017-02-09"
},
"BDUs": [
{
"ID": "BDU:2017-00376",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2017-00376",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00377",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2017-00377",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00378",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2017-00378",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00379",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2017-00379",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00380",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2017-00380",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00381",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-79",
"Href": "https://bdu.fstec.ru/vul/2017-00381",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00382",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2017-00382",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00383",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2017-00383",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00384",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2017-00384",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00385",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2017-00385",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00386",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2017-00386",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00387",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2017-00387",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00388",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2017-00388",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00389",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-79",
"Href": "https://bdu.fstec.ru/vul/2017-00389",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00390",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2017-00390",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00391",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-79",
"Href": "https://bdu.fstec.ru/vul/2017-00391",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00392",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CWE": "CWE-79",
"Href": "https://bdu.fstec.ru/vul/2017-00392",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "BDU:2017-00393",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://bdu.fstec.ru/vul/2017-00393",
"Impact": "High",
"Public": "20170217"
}
],
"CVEs": [
{
"ID": "CVE-2017-1000460",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000460",
"Impact": "Low",
"Public": "20180103"
},
{
"ID": "CVE-2017-5006",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5006",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5007",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5007",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5008",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5008",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5009",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5009",
"Impact": "High",
"Public": "20170217"
},
{
"ID": "CVE-2017-5010",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5010",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5011",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5011",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5012",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5012",
"Impact": "High",
"Public": "20170217"
},
{
"ID": "CVE-2017-5013",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5013",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5014",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5014",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5015",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5015",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5016",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-1021",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5016",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5017",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5017",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5018",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5018",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5019",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5019",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5020",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5020",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5021",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5021",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5022",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5022",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5023",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5023",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5024",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5024",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5025",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5025",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5026",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-1021",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5026",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5027",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5027",
"Impact": "Low",
"Public": "20170217"
},
{
"ID": "CVE-2017-5028",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5028",
"Impact": "Low",
"Public": "20190627"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20171150001",
"Comment": "chromium is earlier than 0:56.0.2924.87-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171150002",
"Comment": "chromium-gnome is earlier than 0:56.0.2924.87-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171150003",
"Comment": "chromium-kde is earlier than 0:56.0.2924.87-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink