pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
43c7060749
vuln-list-alt/oval/p11/ALT-PU-2023-1659/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

800 lines
40 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20231659",
"Version": "oval:org.altlinux.errata:def:20231659",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2023-1659: package `chromium` update to version 112.0.5615.165-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2023-1659",
"RefURL": "https://errata.altlinux.org/ALT-PU-2023-1659",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-01469",
"RefURL": "https://bdu.fstec.ru/vul/2023-01469",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01616",
"RefURL": "https://bdu.fstec.ru/vul/2023-01616",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01617",
"RefURL": "https://bdu.fstec.ru/vul/2023-01617",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01618",
"RefURL": "https://bdu.fstec.ru/vul/2023-01618",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01619",
"RefURL": "https://bdu.fstec.ru/vul/2023-01619",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01620",
"RefURL": "https://bdu.fstec.ru/vul/2023-01620",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01621",
"RefURL": "https://bdu.fstec.ru/vul/2023-01621",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01862",
"RefURL": "https://bdu.fstec.ru/vul/2023-01862",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01863",
"RefURL": "https://bdu.fstec.ru/vul/2023-01863",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01864",
"RefURL": "https://bdu.fstec.ru/vul/2023-01864",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01865",
"RefURL": "https://bdu.fstec.ru/vul/2023-01865",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01866",
"RefURL": "https://bdu.fstec.ru/vul/2023-01866",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01867",
"RefURL": "https://bdu.fstec.ru/vul/2023-01867",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01868",
"RefURL": "https://bdu.fstec.ru/vul/2023-01868",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01869",
"RefURL": "https://bdu.fstec.ru/vul/2023-01869",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01870",
"RefURL": "https://bdu.fstec.ru/vul/2023-01870",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01871",
"RefURL": "https://bdu.fstec.ru/vul/2023-01871",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01872",
"RefURL": "https://bdu.fstec.ru/vul/2023-01872",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01873",
"RefURL": "https://bdu.fstec.ru/vul/2023-01873",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01874",
"RefURL": "https://bdu.fstec.ru/vul/2023-01874",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01875",
"RefURL": "https://bdu.fstec.ru/vul/2023-01875",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02114",
"RefURL": "https://bdu.fstec.ru/vul/2023-02114",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02170",
"RefURL": "https://bdu.fstec.ru/vul/2023-02170",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02308",
"RefURL": "https://bdu.fstec.ru/vul/2023-02308",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02312",
"RefURL": "https://bdu.fstec.ru/vul/2023-02312",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02313",
"RefURL": "https://bdu.fstec.ru/vul/2023-02313",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02314",
"RefURL": "https://bdu.fstec.ru/vul/2023-02314",
"Source": "BDU"
},
{
"RefID": "CVE-2023-1528",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1528",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1529",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1529",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1530",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1530",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1531",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1531",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1532",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1532",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1533",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1533",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1534",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1534",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1810",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1810",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1811",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1811",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1812",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1812",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1813",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1813",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1814",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1814",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1815",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1815",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1816",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1816",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1817",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1817",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1818",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1818",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1819",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1819",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1820",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1820",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1821",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1821",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1822",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1822",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1823",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1823",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2033",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2033",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2133",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2133",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2134",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2134",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2135",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2135",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2136",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2136",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2137",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2137",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 112.0.5615.165-alt1. \nSecurity Fix(es):\n\n * BDU:2023-01469: Уязвимость компонента Passwords браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-01616: Уязвимость интерфейса WebHID (Human Interface Device) браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-01617: Уязвимость компонента PDFium браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-01618: Уязвимость компонента WebProtect браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-01619: Уязвимость библиотеки ANGLE браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-01620: Уязвимость компонента GPU Video браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2023-01621: Уязвимость библиотеки ANGLE браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2023-01862: Уязвимость технологии Picture In Picture браузера Google Chrome, позволяющая нарушителю выполнить спуфинговую атаку\n\n * BDU:2023-01863: Уязвимость службы Safe Browsing браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2023-01864: Уязвимость компонента Networking API браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2023-01865: Уязвимость компонента Visuals браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-01866: Уязвимость расширений браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2023-01867: Уязвимость компонента Frames браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-01868: Уязвимость истории браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-01869: Уязвимость функции Intents браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01870: Уязвимость компонента FedCM браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01871: Уязвимость компонента WebShare браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01872: Уязвимость компонента DOM Bindings браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01873: Уязвимость режима рендеринга Vulkan браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-01874: Уязвимость функции Navigation браузера Google Chrome, позволяющая нарушителю выполнить спуфинговую атаку\n\n * BDU:2023-01875: Уязвимость компонента Accessibility браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2023-02114: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02170: Уязвимость библиотеки Skia браузера Google Chrome, позволяющая нарушителю выйти из изолированной программной среды и выполнить произвольный код\n\n * BDU:2023-02308: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02312: Уязвимость скрипта Service Worker API веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02313: Уязвимость компонента SQLite веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02314: Уязвимость скрипта Service Worker API веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-1528: Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1529: Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)\n\n * CVE-2023-1530: Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1531: Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1532: Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1533: Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1534: Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1810: Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1811: Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-1812: Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1813: Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1814: Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1815: Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1816: Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1817: Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1818: Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1819: Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1820: Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-1821: Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-1822: Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-1823: Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-2033: Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2133: Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2134: Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2135: Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2136: Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2137: Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2023-04-21"
},
"Updated": {
"Date": "2023-04-21"
},
"BDUs": [
{
"ID": "BDU:2023-01469",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-01469",
"Impact": "Critical",
"Public": "20230321"
},
{
"ID": "BDU:2023-01616",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2023-01616",
"Impact": "Critical",
"Public": "20230321"
},
{
"ID": "BDU:2023-01617",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-01617",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "BDU:2023-01618",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-01618",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "BDU:2023-01619",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-01619",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "BDU:2023-01620",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2023-01620",
"Impact": "Low",
"Public": "20230321"
},
{
"ID": "BDU:2023-01621",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2023-01621",
"Impact": "Low",
"Public": "20230321"
},
{
"ID": "BDU:2023-01862",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-451",
"Href": "https://bdu.fstec.ru/vul/2023-01862",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01863",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2023-01863",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01864",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-01864",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01865",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2023-01865",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01866",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-01866",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01867",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-01867",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01868",
"CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2023-01868",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01869",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2023-01869",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01870",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-01870",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01871",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-01871",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01872",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2023-01872",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01873",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-01873",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01874",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-451",
"Href": "https://bdu.fstec.ru/vul/2023-01874",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-01875",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2023-01875",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "BDU:2023-02114",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2023-02114",
"Impact": "Critical",
"Public": "20230414"
},
{
"ID": "BDU:2023-02170",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2023-02170",
"Impact": "Critical",
"Public": "20230418"
},
{
"ID": "BDU:2023-02308",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-02308",
"Impact": "High",
"Public": "20230418"
},
{
"ID": "BDU:2023-02312",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2023-02312",
"Impact": "High",
"Public": "20230418"
},
{
"ID": "BDU:2023-02313",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2023-02313",
"Impact": "High",
"Public": "20230418"
},
{
"ID": "BDU:2023-02314",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2023-02314",
"Impact": "High",
"Public": "20230418"
}
],
"CVEs": [
{
"ID": "CVE-2023-1528",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1528",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "CVE-2023-1529",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1529",
"Impact": "Critical",
"Public": "20230321"
},
{
"ID": "CVE-2023-1530",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1530",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "CVE-2023-1531",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1531",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "CVE-2023-1532",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1532",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "CVE-2023-1533",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1533",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "CVE-2023-1534",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1534",
"Impact": "High",
"Public": "20230321"
},
{
"ID": "CVE-2023-1810",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1810",
"Impact": "High",
"Public": "20230404"
},
{
"ID": "CVE-2023-1811",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1811",
"Impact": "High",
"Public": "20230404"
},
{
"ID": "CVE-2023-1812",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1812",
"Impact": "High",
"Public": "20230404"
},
{
"ID": "CVE-2023-1813",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1813",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "CVE-2023-1814",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1814",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "CVE-2023-1815",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1815",
"Impact": "High",
"Public": "20230404"
},
{
"ID": "CVE-2023-1816",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1816",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "CVE-2023-1817",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1817",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "CVE-2023-1818",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1818",
"Impact": "High",
"Public": "20230404"
},
{
"ID": "CVE-2023-1819",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1819",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "CVE-2023-1820",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1820",
"Impact": "High",
"Public": "20230404"
},
{
"ID": "CVE-2023-1821",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1821",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "CVE-2023-1822",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1822",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "CVE-2023-1823",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1823",
"Impact": "Low",
"Public": "20230404"
},
{
"ID": "CVE-2023-2033",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2033",
"Impact": "High",
"Public": "20230414"
},
{
"ID": "CVE-2023-2133",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2133",
"Impact": "High",
"Public": "20230419"
},
{
"ID": "CVE-2023-2134",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2134",
"Impact": "High",
"Public": "20230419"
},
{
"ID": "CVE-2023-2135",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2135",
"Impact": "High",
"Public": "20230419"
},
{
"ID": "CVE-2023-2136",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2136",
"Impact": "Critical",
"Public": "20230419"
},
{
"ID": "CVE-2023-2137",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2137",
"Impact": "High",
"Public": "20230419"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20231659001",
"Comment": "chromium is earlier than 0:112.0.5615.165-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink