pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
912b27fb15
vuln-list-alt/oval/c9f2/ALT-PU-2019-1782/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

767 lines
40 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20191782",
"Version": "oval:org.altlinux.errata:def:20191782",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2019-1782: package `chromium` update to version 74.0.3729.131-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2019-1782",
"RefURL": "https://errata.altlinux.org/ALT-PU-2019-1782",
"Source": "ALTPU"
},
{
"RefID": "BDU:2019-02857",
"RefURL": "https://bdu.fstec.ru/vul/2019-02857",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03577",
"RefURL": "https://bdu.fstec.ru/vul/2019-03577",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03578",
"RefURL": "https://bdu.fstec.ru/vul/2019-03578",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03579",
"RefURL": "https://bdu.fstec.ru/vul/2019-03579",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03580",
"RefURL": "https://bdu.fstec.ru/vul/2019-03580",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03581",
"RefURL": "https://bdu.fstec.ru/vul/2019-03581",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03582",
"RefURL": "https://bdu.fstec.ru/vul/2019-03582",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03583",
"RefURL": "https://bdu.fstec.ru/vul/2019-03583",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03584",
"RefURL": "https://bdu.fstec.ru/vul/2019-03584",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03585",
"RefURL": "https://bdu.fstec.ru/vul/2019-03585",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03586",
"RefURL": "https://bdu.fstec.ru/vul/2019-03586",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03587",
"RefURL": "https://bdu.fstec.ru/vul/2019-03587",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03588",
"RefURL": "https://bdu.fstec.ru/vul/2019-03588",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03589",
"RefURL": "https://bdu.fstec.ru/vul/2019-03589",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03590",
"RefURL": "https://bdu.fstec.ru/vul/2019-03590",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03591",
"RefURL": "https://bdu.fstec.ru/vul/2019-03591",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03592",
"RefURL": "https://bdu.fstec.ru/vul/2019-03592",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01407",
"RefURL": "https://bdu.fstec.ru/vul/2020-01407",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01413",
"RefURL": "https://bdu.fstec.ru/vul/2020-01413",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01719",
"RefURL": "https://bdu.fstec.ru/vul/2020-01719",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01720",
"RefURL": "https://bdu.fstec.ru/vul/2020-01720",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01721",
"RefURL": "https://bdu.fstec.ru/vul/2020-01721",
"Source": "BDU"
},
{
"RefID": "CVE-2019-13698",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-13698",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5805",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5805",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5806",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5806",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5807",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5807",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5808",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5808",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5809",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5809",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5810",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5810",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5811",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5811",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5812",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5812",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5813",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5813",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5814",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5814",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5815",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5815",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5816",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5816",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5817",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5817",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5818",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5818",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5819",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5819",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5820",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5820",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5821",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5821",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5822",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5822",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5823",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5823",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5824",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5824",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5825",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5825",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5826",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5826",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5827",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5827",
"Source": "CVE"
},
{
"RefID": "CVE-2019-5843",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-5843",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6503",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6503",
"Source": "CVE"
},
{
"RefID": "CVE-2020-6504",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6504",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 74.0.3729.131-alt1. \nSecurity Fix(es):\n\n * BDU:2019-02857: Уязвимость веб-браузера Google Chrome, позволяющая нарушителю оказать влияние на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2019-03577: Уязвимость обработчика PDF-содержимого PDFium браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-03578: Уязвимость библиотеки ANGLE браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03579: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03580: Уязвимость механизма отображения веб-страниц Blink веб-браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03581: Уязвимость файла chooser браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03582: Уязвимость браузера Google Chrome, связанная с ошибкой автозаполнения, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2019-03583: Уязвимость скрипта ServiceWorker браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03584: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03585: Уязвимость механизма отображения веб-страниц Blink веб-браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2019-03586: Уязвимость браузера Google Chrome, связанная с использованием неинициализированных значений, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2019-03587: Уязвимость браузера Google Chrome, связанная с ошибками при проверке данных в инструментах разработчика. позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03588: Уязвимость обработчика PDF-содержимого PDFium браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03589: Уязвимость обработчика PDF-содержимого PDFium браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03590: Уязвимость механизма отображения веб-страниц Blink веб-браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-03591: Уязвимость браузера Google Chrome, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность\n\n * BDU:2019-03592: Уязвимость браузера Google Chrome, связанная с ошибкой передачи параметров в медиапроигрывателе, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2020-01407: Уязвимость функции xsltNumberFormatGetMultipleLevel библиотеки для анализа XML-документов libxslt, связанная с доступом к ресурсу через несовместимые типы, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-01413: Уязвимость обработчика JavaScript-сценариев браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-01719: Уязвимость браузера Google Chrome, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01720: Уязвимость браузера Google Chrome, связанная с неправильным контролем над ресурсом на протяжении его жизненного цикла, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01721: Уязвимость графического движка ANGEL браузера Google Chrome, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2019-13698: Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5805: Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.\n\n * CVE-2019-5806: Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5807: Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5808: Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5809: Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.\n\n * CVE-2019-5810: Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\n\n * CVE-2019-5811: Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.\n\n * CVE-2019-5812: Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page.\n\n * CVE-2019-5813: Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5814: Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2019-5815: Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.\n\n * CVE-2019-5816: Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.\n\n * CVE-2019-5817: Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5818: Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.\n\n * CVE-2019-5819: Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.\n\n * CVE-2019-5820: Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.\n\n * CVE-2019-5821: Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.\n\n * CVE-2019-5822: Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.\n\n * CVE-2019-5823: Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2019-5824: Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5825: Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5826: Use after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5827: Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2019-5843: Out of bounds memory access in JavaScript in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6503: Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\n\n * CVE-2020-6504: Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass notification restrictions via a crafted HTML page.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2019-05-08"
},
"Updated": {
"Date": "2019-05-08"
},
"BDUs": [
{
"ID": "BDU:2019-02857",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2019-02857",
"Impact": "High",
"Public": "20190412"
},
{
"ID": "BDU:2019-03577",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2019-03577",
"Impact": "Low",
"Public": "20190801"
},
{
"ID": "BDU:2019-03578",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2019-03578",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03579",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-03579",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03580",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2019-03580",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03581",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2019-03581",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03582",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2019-03582",
"Impact": "Low",
"Public": "20190801"
},
{
"ID": "BDU:2019-03583",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-19",
"Href": "https://bdu.fstec.ru/vul/2019-03583",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03584",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2019-03584",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03585",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-285",
"Href": "https://bdu.fstec.ru/vul/2019-03585",
"Impact": "Low",
"Public": "20190801"
},
{
"ID": "BDU:2019-03586",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2019-03586",
"Impact": "Low",
"Public": "20190801"
},
{
"ID": "BDU:2019-03587",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2019-03587",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03588",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2019-03588",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03589",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2019-03589",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03590",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2019-03590",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2019-03591",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-601",
"Href": "https://bdu.fstec.ru/vul/2019-03591",
"Impact": "Low",
"Public": "20190801"
},
{
"ID": "BDU:2019-03592",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-03592",
"Impact": "High",
"Public": "20190801"
},
{
"ID": "BDU:2020-01407",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2020-01407",
"Impact": "High",
"Public": "20191210"
},
{
"ID": "BDU:2020-01413",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-01413",
"Impact": "Low",
"Public": "20200108"
},
{
"ID": "BDU:2020-01719",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2020-01719",
"Impact": "Low",
"Public": "20190627"
},
{
"ID": "BDU:2020-01720",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-644",
"Href": "https://bdu.fstec.ru/vul/2020-01720",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "BDU:2020-01721",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2020-01721",
"Impact": "High",
"Public": "20190627"
}
],
"CVEs": [
{
"ID": "CVE-2019-13698",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-13698",
"Impact": "High",
"Public": "20191125"
},
{
"ID": "CVE-2019-5805",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5805",
"Impact": "Low",
"Public": "20190627"
},
{
"ID": "CVE-2019-5806",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5806",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5807",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5807",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5808",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5808",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5809",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5809",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5810",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-312",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5810",
"Impact": "Low",
"Public": "20190627"
},
{
"ID": "CVE-2019-5811",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5811",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5812",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5812",
"Impact": "Low",
"Public": "20190627"
},
{
"ID": "CVE-2019-5813",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5813",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5814",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-352",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5814",
"Impact": "Low",
"Public": "20190627"
},
{
"ID": "CVE-2019-5815",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5815",
"Impact": "High",
"Public": "20191211"
},
{
"ID": "CVE-2019-5816",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-664",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5816",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5817",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5817",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5818",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-908",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5818",
"Impact": "Low",
"Public": "20190627"
},
{
"ID": "CVE-2019-5819",
"CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5819",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5820",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5820",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5821",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5821",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5822",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5822",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5823",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-601",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5823",
"Impact": "Low",
"Public": "20190627"
},
{
"ID": "CVE-2019-5824",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5824",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5825",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5825",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-5826",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5826",
"Impact": "Low",
"Public": "20191125"
},
{
"ID": "CVE-2019-5827",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5827",
"Impact": "High",
"Public": "20190627"
},
{
"ID": "CVE-2019-5843",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-5843",
"Impact": "High",
"Public": "20191210"
},
{
"ID": "CVE-2020-6503",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-209",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6503",
"Impact": "Low",
"Public": "20200603"
},
{
"ID": "CVE-2020-6504",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6504",
"Impact": "Low",
"Public": "20200603"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20191782001",
"Comment": "chromium is earlier than 0:74.0.3729.131-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191782002",
"Comment": "chromium-gnome is earlier than 0:74.0.3729.131-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191782003",
"Comment": "chromium-kde is earlier than 0:74.0.3729.131-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink