1166 lines
60 KiB
JSON
1166 lines
60 KiB
JSON
{
|
||
"Definition": [
|
||
{
|
||
"ID": "oval:org.altlinux.errata:def:20203035",
|
||
"Version": "oval:org.altlinux.errata:def:20203035",
|
||
"Class": "patch",
|
||
"Metadata": {
|
||
"Title": "ALT-PU-2020-3035: package `chromium` update to version 86.0.4240.75-alt1",
|
||
"AffectedList": [
|
||
{
|
||
"Family": "unix",
|
||
"Platforms": [
|
||
"ALT Linux branch p10"
|
||
],
|
||
"Products": [
|
||
"ALT Server",
|
||
"ALT Virtualization Server",
|
||
"ALT Workstation",
|
||
"ALT Workstation K",
|
||
"ALT Education",
|
||
"Simply Linux",
|
||
"Starterkit"
|
||
]
|
||
}
|
||
],
|
||
"References": [
|
||
{
|
||
"RefID": "ALT-PU-2020-3035",
|
||
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-3035",
|
||
"Source": "ALTPU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05623",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05623",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05624",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05624",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05625",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05625",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01458",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01458",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01476",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01476",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01477",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01477",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01478",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01478",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01485",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01485",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01486",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01486",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01487",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01487",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01488",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01488",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01489",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01489",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01490",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01490",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01491",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01491",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01516",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01516",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01517",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01517",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01518",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01518",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01519",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01519",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01520",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01520",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01521",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01521",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01522",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01522",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01523",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01523",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01524",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01524",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01704",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01704",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01755",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01755",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06059",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06059",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06061",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06061",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06062",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06062",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06064",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06064",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06065",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06065",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06066",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06066",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06067",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06067",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06068",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06068",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06071",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06071",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06072",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06072",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06073",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06073",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06076",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06076",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-06077",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-06077",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15959",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15959",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15960",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15960",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15961",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15961",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15962",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15962",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15963",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15963",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15964",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15964",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15965",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15965",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15966",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15966",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15967",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15967",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15968",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15968",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15969",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15969",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15970",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15970",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15971",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15971",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15972",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15972",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15973",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15973",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15974",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15974",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15975",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15975",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15976",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15976",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15977",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15977",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15978",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15978",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15979",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15979",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15980",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15980",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15981",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15981",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15982",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15982",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15983",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15983",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15984",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15984",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15985",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15985",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15986",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15986",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15987",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15987",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15988",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15988",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15989",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15989",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15990",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15990",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15991",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15991",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15992",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15992",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6557",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6557",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6573",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6573",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6575",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6575",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6576",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6576",
|
||
"Source": "CVE"
|
||
}
|
||
],
|
||
"Description": "This update upgrades chromium to version 86.0.4240.75-alt1. \nSecurity Fix(es):\n\n * BDU:2020-05623: Уязвимость компонента Networking веб-браузера Google Chrome, позволяющая нарушителю осуществить подмену домена\n\n * BDU:2020-05624: Уязвимость обработчика PDF-содержимого PDFium веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2020-05625: Уязвимость компонента Networking веб-браузера Google Chrome, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2021-01458: Уязвимость хранилища браузера Google Chrome, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01476: Уязвимость компонента autofill браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01477: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01478: Уязвимость модуля отображения Blink браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01485: Уязвимость компонента audio браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01486: Уязвимость реализации технологии WebRTC программных средств Google Chrome, Firefox, Firefox-ESR и Thunderbird, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01487: Уязвимость расширений браузера Google Chrome, связанная с недостатками разграничения доступа к некоторым функциям, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2021-01488: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01489: Уязвимость расширений браузера Google Chrome, связанная с недостатками разграничения доступа к некоторым функциям, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01490: Уязвимость расширений браузера Google Chrome, связанная с недостатками разграничения доступа к некоторым функциям, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01491: Уязвимость компонента networking браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2021-01516: Уязвимость менеджера паролей браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01517: Уязвимость реализации технологии WebRTC браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01518: Уязвимость компонента cache браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2021-01519: Уязвимость программы 3D рендера SwiftShader браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01520: Уязвимость расширений браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2021-01521: Уязвимость функции печати браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01522: Уязвимость модуля отображения Blink браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01523: Уязвимость компонента media браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01524: Уязвимость компонента SerialPort браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01704: Уязвимость функции OffscreenCanvas браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-01755: Уязвимость библиотеки передачи сообщений Mojo браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-06059: Уязвимость компонента video браузера Google Chrome, позволяющая нарушителю выйти из изолированной программной среды\n\n * BDU:2021-06061: Уязвимость пользовательского интерфейса WebUI браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа\n\n * BDU:2021-06062: Уязвимость компонента NFC браузера Google Chrome , связанная с использованием памяти после её освобождения, позволяющая нарушителю выйти из изолированной программной среды\n\n * BDU:2021-06064: Уязвимость компонента Payments браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности с помощью специально созданной HTML страницы\n\n * BDU:2021-06065: Уязвимость реализации диалоговых окон браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-06066: Уязвимость API для доступа к устройствам виртуальной реальности WebVR браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности с помощью специально созданной HTML страницы\n\n * BDU:2021-06067: Уязвимость компонента Audio браузера Google Chrome, связанная с чтением за границами буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-06068: Уязвимость функции Downloads веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-06071: Уязвимость компонента Media браузера Google Chrome, вызванная целочисленным переполнением, позволяющая нарушителю вызвать переполнение буфера с помощью специально созданной HTML страницы\n\n * BDU:2021-06072: Уязвимость функции Intents браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа\n\n * BDU:2021-06073: Уязвимость функции Navigation браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения\n\n * BDU:2021-06076: Уязвимость адресной строки Omnibox браузера Google Chrome, позволяющая нарушителю подделать содержимое адресной строки с помощью специально созданного URL\n\n * BDU:2021-06077: Уязвимость механизма отображения веб-страниц Blink браузера Google Chrome, позволяющая нарушителю проводить спуфинг-атаки\n\n * CVE-2020-15959: Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.\n\n * CVE-2020-15960: Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.\n\n * CVE-2020-15961: Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.\n\n * CVE-2020-15962: Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.\n\n * CVE-2020-15963: Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.\n\n * CVE-2020-15964: Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-15965: Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.\n\n * CVE-2020-15966: Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.\n\n * CVE-2020-15967: Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-15968: Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-15969: Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-15970: Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-15971: Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-15972: Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-15973: Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.\n\n * CVE-2020-15974: Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.\n\n * CVE-2020-15975: Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-15976: Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-15977: Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.\n\n * CVE-2020-15978: Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2020-15979: Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-15980: Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.\n\n * CVE-2020-15981: Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\n\n * CVE-2020-15982: Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\n\n * CVE-2020-15983: Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.\n\n * CVE-2020-15984: Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.\n\n * CVE-2020-15985: Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.\n\n * CVE-2020-15986: Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-15987: Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.\n\n * CVE-2020-15988: Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.\n\n * CVE-2020-15989: Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.\n\n * CVE-2020-15990: Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-15991: Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-15992: Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.\n\n * CVE-2020-6557: Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.\n\n * CVE-2020-6573: Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-6575: Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2020-6576: Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
|
||
"Advisory": {
|
||
"From": "errata.altlinux.org",
|
||
"Severity": "Critical",
|
||
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||
"Issued": {
|
||
"Date": "2020-10-13"
|
||
},
|
||
"Updated": {
|
||
"Date": "2020-10-13"
|
||
},
|
||
"BDUs": [
|
||
{
|
||
"ID": "BDU:2020-05623",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CWE": "CWE-358",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05623",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05624",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-665",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05624",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05625",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05625",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01458",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01458",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01476",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01476",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01477",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-358",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01477",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01478",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01478",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01485",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01485",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01486",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01486",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01487",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01487",
|
||
"Impact": "Low",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01488",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01488",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01489",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01489",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01490",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01490",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01491",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01491",
|
||
"Impact": "Low",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01516",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01516",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01517",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01517",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01518",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-310",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01518",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01519",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01519",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01520",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01520",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01521",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01521",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01522",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01522",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01523",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01523",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01524",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01524",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01704",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01704",
|
||
"Impact": "Low",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01755",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01755",
|
||
"Impact": "Low",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06059",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06059",
|
||
"Impact": "Critical",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06061",
|
||
"CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06061",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06062",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06062",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06064",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06064",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06065",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06065",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06066",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06066",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06067",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06067",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06068",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06068",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06071",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06071",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06072",
|
||
"CVSS": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
|
||
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06072",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06073",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06073",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06076",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06076",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-06077",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-358",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-06077",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
}
|
||
],
|
||
"CVEs": [
|
||
{
|
||
"ID": "CVE-2020-15959",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||
"CWE": "NVD-CWE-Other",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15959",
|
||
"Impact": "Low",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15960",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15960",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15961",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15961",
|
||
"Impact": "Critical",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15962",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15962",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15963",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15963",
|
||
"Impact": "Critical",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15964",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15964",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15965",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15965",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15966",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15966",
|
||
"Impact": "Low",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15967",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15967",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15968",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15968",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15969",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15969",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15970",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15970",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15971",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15971",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15972",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15972",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15973",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15973",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15974",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15974",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15975",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15975",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15976",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15976",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15977",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15977",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15978",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15978",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15979",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15979",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15980",
|
||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15980",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15981",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15981",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15982",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15982",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15983",
|
||
"CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15983",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15984",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15984",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15985",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15985",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15986",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15986",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15987",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15987",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15988",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15988",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15989",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-908",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15989",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15990",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15990",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15991",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15991",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15992",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15992",
|
||
"Impact": "High",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6557",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6557",
|
||
"Impact": "Low",
|
||
"Public": "20201103"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6573",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6573",
|
||
"Impact": "Critical",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6575",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6575",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6576",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6576",
|
||
"Impact": "High",
|
||
"Public": "20200921"
|
||
}
|
||
],
|
||
"AffectedCPEs": {
|
||
"CPEs": [
|
||
"cpe:/o:alt:kworkstation:10",
|
||
"cpe:/o:alt:workstation:10",
|
||
"cpe:/o:alt:server:10",
|
||
"cpe:/o:alt:server-v:10",
|
||
"cpe:/o:alt:education:10",
|
||
"cpe:/o:alt:slinux:10",
|
||
"cpe:/o:alt:starterkit:p10",
|
||
"cpe:/o:alt:kworkstation:10.1",
|
||
"cpe:/o:alt:workstation:10.1",
|
||
"cpe:/o:alt:server:10.1",
|
||
"cpe:/o:alt:server-v:10.1",
|
||
"cpe:/o:alt:education:10.1",
|
||
"cpe:/o:alt:slinux:10.1",
|
||
"cpe:/o:alt:starterkit:10.1",
|
||
"cpe:/o:alt:kworkstation:10.2",
|
||
"cpe:/o:alt:workstation:10.2",
|
||
"cpe:/o:alt:server:10.2",
|
||
"cpe:/o:alt:server-v:10.2",
|
||
"cpe:/o:alt:education:10.2",
|
||
"cpe:/o:alt:slinux:10.2",
|
||
"cpe:/o:alt:starterkit:10.2"
|
||
]
|
||
}
|
||
}
|
||
},
|
||
"Criteria": {
|
||
"Operator": "AND",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:2001",
|
||
"Comment": "ALT Linux must be installed"
|
||
}
|
||
],
|
||
"Criterias": [
|
||
{
|
||
"Operator": "OR",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20203035001",
|
||
"Comment": "chromium is earlier than 0:86.0.4240.75-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20203035002",
|
||
"Comment": "chromium-gnome is earlier than 0:86.0.4240.75-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20203035003",
|
||
"Comment": "chromium-kde is earlier than 0:86.0.4240.75-alt1"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
}
|
||
]
|
||
} |