pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p10/ALT-PU-2022-1580/definitions.json
pepelyaevip 0707cb759b ALT Vulnerability
2024-04-16 14:26:14 +00:00

940 lines
47 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20221580",
"Version": "oval:org.altlinux.errata:def:20221580",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2022-1580: package `chromium` update to version 99.0.4844.74-alt0.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2022-1580",
"RefURL": "https://errata.altlinux.org/ALT-PU-2022-1580",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-01076",
"RefURL": "https://bdu.fstec.ru/vul/2022-01076",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01077",
"RefURL": "https://bdu.fstec.ru/vul/2022-01077",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01168",
"RefURL": "https://bdu.fstec.ru/vul/2022-01168",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01169",
"RefURL": "https://bdu.fstec.ru/vul/2022-01169",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01170",
"RefURL": "https://bdu.fstec.ru/vul/2022-01170",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01171",
"RefURL": "https://bdu.fstec.ru/vul/2022-01171",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01174",
"RefURL": "https://bdu.fstec.ru/vul/2022-01174",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01230",
"RefURL": "https://bdu.fstec.ru/vul/2022-01230",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01236",
"RefURL": "https://bdu.fstec.ru/vul/2022-01236",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01276",
"RefURL": "https://bdu.fstec.ru/vul/2022-01276",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01277",
"RefURL": "https://bdu.fstec.ru/vul/2022-01277",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01278",
"RefURL": "https://bdu.fstec.ru/vul/2022-01278",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01284",
"RefURL": "https://bdu.fstec.ru/vul/2022-01284",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01288",
"RefURL": "https://bdu.fstec.ru/vul/2022-01288",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01289",
"RefURL": "https://bdu.fstec.ru/vul/2022-01289",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01297",
"RefURL": "https://bdu.fstec.ru/vul/2022-01297",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01321",
"RefURL": "https://bdu.fstec.ru/vul/2022-01321",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01354",
"RefURL": "https://bdu.fstec.ru/vul/2022-01354",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01355",
"RefURL": "https://bdu.fstec.ru/vul/2022-01355",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01365",
"RefURL": "https://bdu.fstec.ru/vul/2022-01365",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01383",
"RefURL": "https://bdu.fstec.ru/vul/2022-01383",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01421",
"RefURL": "https://bdu.fstec.ru/vul/2022-01421",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01423",
"RefURL": "https://bdu.fstec.ru/vul/2022-01423",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01426",
"RefURL": "https://bdu.fstec.ru/vul/2022-01426",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01428",
"RefURL": "https://bdu.fstec.ru/vul/2022-01428",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01494",
"RefURL": "https://bdu.fstec.ru/vul/2022-01494",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01513",
"RefURL": "https://bdu.fstec.ru/vul/2022-01513",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01514",
"RefURL": "https://bdu.fstec.ru/vul/2022-01514",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01516",
"RefURL": "https://bdu.fstec.ru/vul/2022-01516",
"Source": "BDU"
},
{
"RefID": "BDU:2022-01519",
"RefURL": "https://bdu.fstec.ru/vul/2022-01519",
"Source": "BDU"
},
{
"RefID": "CVE-2022-0789",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0789",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0790",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0790",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0791",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0791",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0792",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0792",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0793",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0793",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0794",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0794",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0795",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0795",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0796",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0796",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0797",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0797",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0798",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0798",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0799",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0799",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0800",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0800",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0801",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0801",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0802",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0802",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0803",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0803",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0804",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0804",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0805",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0805",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0806",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0806",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0807",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0807",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0808",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0808",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0809",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0809",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0971",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0971",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0972",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0972",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0973",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0973",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0974",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0974",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0975",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0975",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0976",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0976",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0977",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0977",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0978",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0978",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0979",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0979",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0980",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0980",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 99.0.4844.74-alt0.p10.1. \nSecurity Fix(es):\n\n * BDU:2022-01076: Уязвимость модуля отображения веб-страниц Blink браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-01077: Уязвимость компонента Views браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю вызвать выполнить произвольный код\n\n * BDU:2022-01168: Уязвимость компонента Media браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01169: Уязвимость оболочки операционной системы OS Shell браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-01170: Уязвимость компонента Canvas браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-01171: Уязвимость модуля преобразуования HTML-кода HTML parser браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании\n\n * BDU:2022-01174: Уязвимость набора библиотек времени выполнения Mojo браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-01230: Уязвимость реализации функции автозаполнения Autofill браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю оказать влияние на целостность, доступность и конфиденциальность данных\n\n * BDU:2022-01236: Уязвимость настройки разрешений Permissions браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю оказать воздействие на целостность, доступность и конфиденциальность защищаемой информации\n\n * BDU:2022-01276: Уязвимость адресной строки Omnibox браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-01277: Уязвимость интерфейса Cast UI браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-01278: Уязвимость библиотеки ANGLE браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-01284: Уязвимость компонента WebXR браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01288: Уязвимость интерфейса Cast UI браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольной код\n\n * BDU:2022-01289: Уязвимость реализации режима Full Screen Mode браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю оказать воздействие на целостность, доступность и конфиденциальность защищаемой информации\n\n * BDU:2022-01297: Уязвимость реализации режима Full Screen Mode браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании\n\n * BDU:2022-01321: Уязвимость режима разделения экрана SplitScreen браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-01354: Уязвимость компонента установки Installer браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю обойти ограничения безопасности\n\n * BDU:2022-01355: Уязвимость компонента MediaStream браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2022-01365: Уязвимость прикладного программного интерфейса для обмена данными Web Share браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2022-01383: Уязвимость макета Blink Layout модуля отображения Blink браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-01421: Уязвимость процесса GPU Process браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-01423: Уязвимость библиотеки ANGLE браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01426: Уязвимость службы Safe Browsing браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-01428: Уязвимость библиотеки ANGLE браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-01494: Уязвимость службы Safe Browsing браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-01513: Уязвимость компонента Browser UI браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-01514: Уязвимость библиотеки ANGLE браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-01516: Уязвимость компонента Расширения Extensions браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-01519: Уязвимость реализации элемента управления «New Tab» («Новая кладка») браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * CVE-2022-0789: Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0790: Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2022-0791: Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n\n * CVE-2022-0792: Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0793: Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.\n\n * CVE-2022-0794: Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0795: Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0796: Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0797: Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.\n\n * CVE-2022-0798: Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n\n * CVE-2022-0799: Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.\n\n * CVE-2022-0800: Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0801: Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium)\n\n * CVE-2022-0802: Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2022-0803: Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2022-0804: Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2022-0805: Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.\n\n * CVE-2022-0806: Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.\n\n * CVE-2022-0807: Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2022-0808: Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.\n\n * CVE-2022-0809: Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0971: Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0972: Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0973: Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0974: Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0975: Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0976: Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0977: Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0978: Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0979: Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-0980: Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2022-03-25"
},
"Updated": {
"Date": "2022-03-25"
},
"BDUs": [
{
"ID": "BDU:2022-01076",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2022-01076",
"Impact": "Critical",
"Public": "20211227"
},
{
"ID": "BDU:2022-01077",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01077",
"Impact": "Critical",
"Public": "20220128"
},
{
"ID": "BDU:2022-01168",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01168",
"Impact": "Critical",
"Public": "20220210"
},
{
"ID": "BDU:2022-01169",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01169",
"Impact": "Low",
"Public": "20220129"
},
{
"ID": "BDU:2022-01170",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01170",
"Impact": "Low",
"Public": "20211231"
},
{
"ID": "BDU:2022-01171",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-01171",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2022-01174",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2022-01174",
"Impact": "Critical",
"Public": "20211221"
},
{
"ID": "BDU:2022-01230",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-01230",
"Impact": "Low",
"Public": "20220114"
},
{
"ID": "BDU:2022-01236",
"CVSS": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-275",
"Href": "https://bdu.fstec.ru/vul/2022-01236",
"Impact": "Low",
"Public": "20211215"
},
{
"ID": "BDU:2022-01276",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01276",
"Impact": "Critical",
"Public": "20211209"
},
{
"ID": "BDU:2022-01277",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01277",
"Impact": "Critical",
"Public": "20211126"
},
{
"ID": "BDU:2022-01278",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2022-01278",
"Impact": "Low",
"Public": "20220111"
},
{
"ID": "BDU:2022-01284",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2022-01284",
"Impact": "Low",
"Public": "20220203"
},
{
"ID": "BDU:2022-01288",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2022-01288",
"Impact": "Low",
"Public": "20210824"
},
{
"ID": "BDU:2022-01289",
"CVSS": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2022-01289",
"Impact": "Low",
"Public": "20211114"
},
{
"ID": "BDU:2022-01297",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-01297",
"Impact": "High",
"Public": "20211029"
},
{
"ID": "BDU:2022-01321",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01321",
"Impact": "High",
"Public": "20220317"
},
{
"ID": "BDU:2022-01354",
"CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2022-01354",
"Impact": "Low",
"Public": "20211212"
},
{
"ID": "BDU:2022-01355",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01355",
"Impact": "Low",
"Public": "20211230"
},
{
"ID": "BDU:2022-01365",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01365",
"Impact": "Critical",
"Public": "20220204"
},
{
"ID": "BDU:2022-01383",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01383",
"Impact": "Critical",
"Public": "20220221"
},
{
"ID": "BDU:2022-01421",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2022-01421",
"Impact": "High",
"Public": "20220213"
},
{
"ID": "BDU:2022-01423",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2022-01423",
"Impact": "Critical",
"Public": "20220121"
},
{
"ID": "BDU:2022-01426",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01426",
"Impact": "High",
"Public": "20220303"
},
{
"ID": "BDU:2022-01428",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01428",
"Impact": "High",
"Public": "20220209"
},
{
"ID": "BDU:2022-01494",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01494",
"Impact": "High",
"Public": "20220215"
},
{
"ID": "BDU:2022-01513",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01513",
"Impact": "High",
"Public": "20220220"
},
{
"ID": "BDU:2022-01514",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01514",
"Impact": "High",
"Public": "20220220"
},
{
"ID": "BDU:2022-01516",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01516",
"Impact": "High",
"Public": "20220228"
},
{
"ID": "BDU:2022-01519",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-01519",
"Impact": "Low",
"Public": "20220302"
}
],
"CVEs": [
{
"ID": "CVE-2022-0789",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0789",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0790",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0790",
"Impact": "Critical",
"Public": "20220405"
},
{
"ID": "CVE-2022-0791",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0791",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0792",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0792",
"Impact": "Low",
"Public": "20220405"
},
{
"ID": "CVE-2022-0793",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0793",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0794",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0794",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0795",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0795",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0796",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0796",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0797",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0797",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0798",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0798",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0799",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-59",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0799",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0800",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0800",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0801",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0801",
"Impact": "Low",
"Public": "20230102"
},
{
"ID": "CVE-2022-0802",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0802",
"Impact": "Low",
"Public": "20220405"
},
{
"ID": "CVE-2022-0803",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0803",
"Impact": "Low",
"Public": "20220405"
},
{
"ID": "CVE-2022-0804",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0804",
"Impact": "Low",
"Public": "20220405"
},
{
"ID": "CVE-2022-0805",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0805",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0806",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0806",
"Impact": "Low",
"Public": "20220405"
},
{
"ID": "CVE-2022-0807",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0807",
"Impact": "Low",
"Public": "20220405"
},
{
"ID": "CVE-2022-0808",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0808",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0809",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0809",
"Impact": "High",
"Public": "20220405"
},
{
"ID": "CVE-2022-0971",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0971",
"Impact": "High",
"Public": "20220721"
},
{
"ID": "CVE-2022-0972",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0972",
"Impact": "High",
"Public": "20220721"
},
{
"ID": "CVE-2022-0973",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0973",
"Impact": "Critical",
"Public": "20220721"
},
{
"ID": "CVE-2022-0974",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0974",
"Impact": "High",
"Public": "20220721"
},
{
"ID": "CVE-2022-0975",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0975",
"Impact": "High",
"Public": "20220721"
},
{
"ID": "CVE-2022-0976",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0976",
"Impact": "High",
"Public": "20220721"
},
{
"ID": "CVE-2022-0977",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0977",
"Impact": "Critical",
"Public": "20220721"
},
{
"ID": "CVE-2022-0978",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0978",
"Impact": "High",
"Public": "20220722"
},
{
"ID": "CVE-2022-0979",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0979",
"Impact": "High",
"Public": "20220722"
},
{
"ID": "CVE-2022-0980",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0980",
"Impact": "High",
"Public": "20220722"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20221580001",
"Comment": "chromium is earlier than 0:99.0.4844.74-alt0.p10.1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink