pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p10/ALT-PU-2022-2004/definitions.json
pepelyaevip 0707cb759b ALT Vulnerability
2024-04-16 14:26:14 +00:00

770 lines
38 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20222004",
"Version": "oval:org.altlinux.errata:def:20222004",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2022-2004: package `chromium` update to version 102.0.5005.61-alt0.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2022-2004",
"RefURL": "https://errata.altlinux.org/ALT-PU-2022-2004",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-03186",
"RefURL": "https://bdu.fstec.ru/vul/2022-03186",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03204",
"RefURL": "https://bdu.fstec.ru/vul/2022-03204",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03205",
"RefURL": "https://bdu.fstec.ru/vul/2022-03205",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03272",
"RefURL": "https://bdu.fstec.ru/vul/2022-03272",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03310",
"RefURL": "https://bdu.fstec.ru/vul/2022-03310",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03323",
"RefURL": "https://bdu.fstec.ru/vul/2022-03323",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03325",
"RefURL": "https://bdu.fstec.ru/vul/2022-03325",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03326",
"RefURL": "https://bdu.fstec.ru/vul/2022-03326",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03327",
"RefURL": "https://bdu.fstec.ru/vul/2022-03327",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03329",
"RefURL": "https://bdu.fstec.ru/vul/2022-03329",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03331",
"RefURL": "https://bdu.fstec.ru/vul/2022-03331",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03332",
"RefURL": "https://bdu.fstec.ru/vul/2022-03332",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03347",
"RefURL": "https://bdu.fstec.ru/vul/2022-03347",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03367",
"RefURL": "https://bdu.fstec.ru/vul/2022-03367",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03386",
"RefURL": "https://bdu.fstec.ru/vul/2022-03386",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03824",
"RefURL": "https://bdu.fstec.ru/vul/2022-03824",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03825",
"RefURL": "https://bdu.fstec.ru/vul/2022-03825",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03826",
"RefURL": "https://bdu.fstec.ru/vul/2022-03826",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03827",
"RefURL": "https://bdu.fstec.ru/vul/2022-03827",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03828",
"RefURL": "https://bdu.fstec.ru/vul/2022-03828",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03829",
"RefURL": "https://bdu.fstec.ru/vul/2022-03829",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03830",
"RefURL": "https://bdu.fstec.ru/vul/2022-03830",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03831",
"RefURL": "https://bdu.fstec.ru/vul/2022-03831",
"Source": "BDU"
},
{
"RefID": "CVE-2022-1638",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1638",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1639",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1639",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1640",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1640",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1853",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1853",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1854",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1854",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1855",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1855",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1856",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1856",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1857",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1857",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1858",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1858",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1859",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1859",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1860",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1860",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1861",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1861",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1862",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1862",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1863",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1863",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1864",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1864",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1865",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1865",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1866",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1866",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1867",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1867",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1868",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1868",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1869",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1869",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1870",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1870",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1871",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1871",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1872",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1872",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1873",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1873",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1874",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1874",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1875",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1875",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1876",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1876",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 102.0.5005.61-alt0.p10.1. \nSecurity Fix(es):\n\n * BDU:2022-03186: Уязвимость компонента WebApp браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03204: Уязвимость компонента Sharing браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-03205: Уязвимость компонента UI Foundations браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-03272: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03310: Уязвимость компонента Data Transfer браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03323: Уязвимость интерфейса File System API браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю обойти введенные ограничения безопасности\n\n * BDU:2022-03325: Уязвимость компонента обучения пользователей браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-03326: Уязвимость библиотеки ANGLE браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-03327: Уязвимость компонента обмена сообщениями браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-03329: Уязвимость браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03331: Уязвимость реализации Extensions браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03332: Уязвимость компонента Bookmarks браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03347: Уязвимость компонента Performance Manager браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-03367: Уязвимость компонента Tab Groups браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2022-03386: Уязвимость набора инструментов для веб-разработки DevTools браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03824: Уязвимость интерфейса File System API браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03825: Уязвимость режима планшета браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03826: Уязвимость набора инструментов DevTools браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2022-03827: Уязвимость компонента Extensions API браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03828: Уязвимость компонента COOP браузера Google Chrome , позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03829: Уязвимость службы Safe Browsing браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03830: Уязвимость плагина PDF браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-03831: Уязвимость интерфейса API расширений браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании\n\n * CVE-2022-1638: Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-1639: Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-1640: Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-1853: Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2022-1854: Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-1855: Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-1856: Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction.\n\n * CVE-2022-1857: Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.\n\n * CVE-2022-1858: Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction.\n\n * CVE-2022-1859: Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-1860: Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions.\n\n * CVE-2022-1861: Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction.\n\n * CVE-2022-1862: Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page.\n\n * CVE-2022-1863: Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.\n\n * CVE-2022-1864: Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.\n\n * CVE-2022-1865: Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.\n\n * CVE-2022-1866: Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.\n\n * CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content.\n\n * CVE-2022-1868: Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2022-1869: Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-1870: Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n\n * CVE-2022-1871: Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page.\n\n * CVE-2022-1872: Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.\n\n * CVE-2022-1873: Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2022-1874: Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.\n\n * CVE-2022-1875: Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2022-1876: Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2022-06-07"
},
"Updated": {
"Date": "2022-06-07"
},
"BDUs": [
{
"ID": "BDU:2022-03186",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03186",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03204",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03204",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03205",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03205",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03272",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2022-03272",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03310",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2022-03310",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03323",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-264, CWE-269",
"Href": "https://bdu.fstec.ru/vul/2022-03323",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03325",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03325",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03326",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03326",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03327",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03327",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03329",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03329",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03331",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:P/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-03331",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03332",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03332",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03347",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03347",
"Impact": "High",
"Public": "20220524"
},
{
"ID": "BDU:2022-03367",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03367",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03386",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2022-03386",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03824",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2022-03824",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03825",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03825",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03826",
"CVSS": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2022-03826",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03827",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2022-03827",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03828",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2022-03828",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03829",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2022-03829",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03830",
"CVSS": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-03830",
"Impact": "Low",
"Public": "20220524"
},
{
"ID": "BDU:2022-03831",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-03831",
"Impact": "High",
"Public": "20220524"
}
],
"CVEs": [
{
"ID": "CVE-2022-1638",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1638",
"Impact": "High",
"Public": "20220726"
},
{
"ID": "CVE-2022-1639",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1639",
"Impact": "High",
"Public": "20220726"
},
{
"ID": "CVE-2022-1640",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1640",
"Impact": "High",
"Public": "20220726"
},
{
"ID": "CVE-2022-1853",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1853",
"Impact": "Critical",
"Public": "20220727"
},
{
"ID": "CVE-2022-1854",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1854",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1855",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1855",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1856",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1856",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1857",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1857",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1858",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1858",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1859",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1859",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1860",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1860",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1861",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1861",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1862",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1862",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1863",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1863",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1864",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1864",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1865",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1865",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1866",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1866",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1867",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1867",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1868",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1868",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1869",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1869",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1870",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1870",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1871",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1871",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1872",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1872",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1873",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1873",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1874",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1874",
"Impact": "High",
"Public": "20220727"
},
{
"ID": "CVE-2022-1875",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1875",
"Impact": "Low",
"Public": "20220727"
},
{
"ID": "CVE-2022-1876",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1876",
"Impact": "High",
"Public": "20220727"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20222004001",
"Comment": "chromium is earlier than 0:102.0.5005.61-alt0.p10.1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink