pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7a88d47876
vuln-list-alt/oval/c10f1/ALT-PU-2020-3135/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

521 lines
27 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20203135",
"Version": "oval:org.altlinux.errata:def:20203135",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-3135: package `ilmbase` update to version 2.5.3-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-3135",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-3135",
"Source": "ALTPU"
},
{
"RefID": "BDU:2020-01876",
"RefURL": "https://bdu.fstec.ru/vul/2020-01876",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03550",
"RefURL": "https://bdu.fstec.ru/vul/2021-03550",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03551",
"RefURL": "https://bdu.fstec.ru/vul/2021-03551",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03603",
"RefURL": "https://bdu.fstec.ru/vul/2021-03603",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03606",
"RefURL": "https://bdu.fstec.ru/vul/2021-03606",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03608",
"RefURL": "https://bdu.fstec.ru/vul/2021-03608",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03609",
"RefURL": "https://bdu.fstec.ru/vul/2021-03609",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03610",
"RefURL": "https://bdu.fstec.ru/vul/2021-03610",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03612",
"RefURL": "https://bdu.fstec.ru/vul/2021-03612",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03613",
"RefURL": "https://bdu.fstec.ru/vul/2021-03613",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03614",
"RefURL": "https://bdu.fstec.ru/vul/2021-03614",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03731",
"RefURL": "https://bdu.fstec.ru/vul/2021-03731",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03732",
"RefURL": "https://bdu.fstec.ru/vul/2021-03732",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05191",
"RefURL": "https://bdu.fstec.ru/vul/2021-05191",
"Source": "BDU"
},
{
"RefID": "CVE-2018-18443",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-18443",
"Source": "CVE"
},
{
"RefID": "CVE-2018-18444",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-18444",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11758",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11758",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11759",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11759",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11760",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11760",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11761",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11761",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11762",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11762",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11763",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11763",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11764",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11764",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11765",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11765",
"Source": "CVE"
},
{
"RefID": "CVE-2020-15304",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15304",
"Source": "CVE"
},
{
"RefID": "CVE-2020-15305",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15305",
"Source": "CVE"
},
{
"RefID": "CVE-2020-15306",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15306",
"Source": "CVE"
},
{
"RefID": "CVE-2020-16587",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-16587",
"Source": "CVE"
},
{
"RefID": "CVE-2020-16588",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-16588",
"Source": "CVE"
},
{
"RefID": "CVE-2020-16589",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-16589",
"Source": "CVE"
}
],
"Description": "This update upgrades ilmbase to version 2.5.3-alt1. \nSecurity Fix(es):\n\n * BDU:2020-01876: Уязвимость функции exrmultiview библиотеки OpenEXR, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03550: Уязвимость функции getChunkOffsetTableSize() программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с записью за границами буфера, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03551: Уязвимость функции DeepScanLineInputFile::DeepScanLineInputFile() программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03603: Уязвимость функции DwaCompressor::Classifier::Classifier программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с ошибкой единичного смещения, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03606: Уязвимость библиотеки ImfMisc.cpp программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с записью за границами буфера, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03608: Уязвимость библиотеки ImfOptimizedPixelReading.h программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03609: Уязвимость функции readSampleCountForLineBlock программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с целочисленным переполнением, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03610: Уязвимость программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03612: Уязвимость библиотеки ImfTileOffsets.cpp программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03613: Уязвимость библиотеки FastHufDecoder::refill in ImfFastHuf.cpp программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03614: Уязвимость библиотеки ImfDwaCompressor.cpp программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03731: Уязвимость функции generatePreview библиотеки OpenEXR, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03732: Уязвимость функции writeTileData библиотеки OpenEXR, связанная с записью за границами буфера, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-05191: Уязвимость компонента ImfMultiPartInputFile формата графического формата для хранения изображений OpenEXR, связанная с записью за границами буфера, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2018-18443: OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview.\n\n * CVE-2018-18444: makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.\n\n * CVE-2020-11758: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h.\n\n * CVE-2020-11759: An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.\n\n * CVE-2020-11760: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.\n\n * CVE-2020-11761: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.\n\n * CVE-2020-11762: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.\n\n * CVE-2020-11763: An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.\n\n * CVE-2020-11764: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.\n\n * CVE-2020-11765: An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.\n\n * CVE-2020-15304: An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference.\n\n * CVE-2020-15305: An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.\n\n * CVE-2020-15306: An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.\n\n * CVE-2020-16587: A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.\n\n * CVE-2020-16588: A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.\n\n * CVE-2020-16589: A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-10-27"
},
"Updated": {
"Date": "2020-10-27"
},
"BDUs": [
{
"ID": "BDU:2020-01876",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2020-01876",
"Impact": "High",
"Public": "20181017"
},
{
"ID": "BDU:2021-03550",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-03550",
"Impact": "Low",
"Public": "20200626"
},
{
"ID": "BDU:2021-03551",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03551",
"Impact": "Low",
"Public": "20200626"
},
{
"ID": "BDU:2021-03603",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-193",
"Href": "https://bdu.fstec.ru/vul/2021-03603",
"Impact": "Low",
"Public": "20200502"
},
{
"ID": "BDU:2021-03606",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-03606",
"Impact": "Low",
"Public": "20200502"
},
{
"ID": "BDU:2021-03608",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2021-03608",
"Impact": "Low",
"Public": "20200502"
},
{
"ID": "BDU:2021-03609",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2021-03609",
"Impact": "Low",
"Public": "20200502"
},
{
"ID": "BDU:2021-03610",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2021-03610",
"Impact": "Low",
"Public": "20200502"
},
{
"ID": "BDU:2021-03612",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2021-03612",
"Impact": "Low",
"Public": "20200502"
},
{
"ID": "BDU:2021-03613",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2021-03613",
"Impact": "Low",
"Public": "20200502"
},
{
"ID": "BDU:2021-03614",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2021-03614",
"Impact": "Low",
"Public": "20200502"
},
{
"ID": "BDU:2021-03731",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-03731",
"Impact": "Low",
"Public": "20201209"
},
{
"ID": "BDU:2021-03732",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-03732",
"Impact": "Low",
"Public": "20201209"
},
{
"ID": "BDU:2021-05191",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-05191",
"Impact": "Low",
"Public": "20201209"
}
],
"CVEs": [
{
"ID": "CVE-2018-18443",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CWE": "CWE-772",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-18443",
"Impact": "Low",
"Public": "20181017"
},
{
"ID": "CVE-2018-18444",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-18444",
"Impact": "High",
"Public": "20181017"
},
{
"ID": "CVE-2020-11758",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11758",
"Impact": "Low",
"Public": "20200414"
},
{
"ID": "CVE-2020-11759",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11759",
"Impact": "Low",
"Public": "20200414"
},
{
"ID": "CVE-2020-11760",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11760",
"Impact": "Low",
"Public": "20200414"
},
{
"ID": "CVE-2020-11761",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11761",
"Impact": "Low",
"Public": "20200414"
},
{
"ID": "CVE-2020-11762",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11762",
"Impact": "Low",
"Public": "20200414"
},
{
"ID": "CVE-2020-11763",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11763",
"Impact": "Low",
"Public": "20200414"
},
{
"ID": "CVE-2020-11764",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11764",
"Impact": "Low",
"Public": "20200414"
},
{
"ID": "CVE-2020-11765",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11765",
"Impact": "Low",
"Public": "20200414"
},
{
"ID": "CVE-2020-15304",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15304",
"Impact": "Low",
"Public": "20200626"
},
{
"ID": "CVE-2020-15305",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15305",
"Impact": "Low",
"Public": "20200626"
},
{
"ID": "CVE-2020-15306",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15306",
"Impact": "Low",
"Public": "20200626"
},
{
"ID": "CVE-2020-16587",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-16587",
"Impact": "Low",
"Public": "20201209"
},
{
"ID": "CVE-2020-16588",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-16588",
"Impact": "Low",
"Public": "20201209"
},
{
"ID": "CVE-2020-16589",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-16589",
"Impact": "Low",
"Public": "20201209"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20203135001",
"Comment": "ilmbase is earlier than 0:2.5.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20203135002",
"Comment": "ilmbase-devel is earlier than 0:2.5.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20203135003",
"Comment": "ilmbase25-common is earlier than 0:2.5.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20203135004",
"Comment": "libhalf25 is earlier than 0:2.5.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20203135005",
"Comment": "libiex25 is earlier than 0:2.5.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20203135006",
"Comment": "libiexmath25 is earlier than 0:2.5.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20203135007",
"Comment": "libilmthread25 is earlier than 0:2.5.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20203135008",
"Comment": "libimath25 is earlier than 0:2.5.3-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink