pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
af2f8b3981
vuln-list-alt/oval/c10f1/ALT-PU-2023-4766/definitions.json
pepelyaevip 0707cb759b ALT Vulnerability
2024-04-16 14:26:14 +00:00

935 lines
48 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20234766",
"Version": "oval:org.altlinux.errata:def:20234766",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2023-4766: package `yandex-browser-stable` update to version 23.7.1.1216-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2023-4766",
"RefURL": "https://errata.altlinux.org/ALT-PU-2023-4766",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-02350",
"RefURL": "https://bdu.fstec.ru/vul/2023-02350",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02367",
"RefURL": "https://bdu.fstec.ru/vul/2023-02367",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02380",
"RefURL": "https://bdu.fstec.ru/vul/2023-02380",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02383",
"RefURL": "https://bdu.fstec.ru/vul/2023-02383",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02384",
"RefURL": "https://bdu.fstec.ru/vul/2023-02384",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02385",
"RefURL": "https://bdu.fstec.ru/vul/2023-02385",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02386",
"RefURL": "https://bdu.fstec.ru/vul/2023-02386",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02387",
"RefURL": "https://bdu.fstec.ru/vul/2023-02387",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02388",
"RefURL": "https://bdu.fstec.ru/vul/2023-02388",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02389",
"RefURL": "https://bdu.fstec.ru/vul/2023-02389",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02623",
"RefURL": "https://bdu.fstec.ru/vul/2023-02623",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02929",
"RefURL": "https://bdu.fstec.ru/vul/2023-02929",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02930",
"RefURL": "https://bdu.fstec.ru/vul/2023-02930",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02955",
"RefURL": "https://bdu.fstec.ru/vul/2023-02955",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03080",
"RefURL": "https://bdu.fstec.ru/vul/2023-03080",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03442",
"RefURL": "https://bdu.fstec.ru/vul/2023-03442",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03544",
"RefURL": "https://bdu.fstec.ru/vul/2023-03544",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03553",
"RefURL": "https://bdu.fstec.ru/vul/2023-03553",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03628",
"RefURL": "https://bdu.fstec.ru/vul/2023-03628",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03732",
"RefURL": "https://bdu.fstec.ru/vul/2023-03732",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03733",
"RefURL": "https://bdu.fstec.ru/vul/2023-03733",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03804",
"RefURL": "https://bdu.fstec.ru/vul/2023-03804",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03805",
"RefURL": "https://bdu.fstec.ru/vul/2023-03805",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03902",
"RefURL": "https://bdu.fstec.ru/vul/2023-03902",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03903",
"RefURL": "https://bdu.fstec.ru/vul/2023-03903",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03905",
"RefURL": "https://bdu.fstec.ru/vul/2023-03905",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03908",
"RefURL": "https://bdu.fstec.ru/vul/2023-03908",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03909",
"RefURL": "https://bdu.fstec.ru/vul/2023-03909",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03915",
"RefURL": "https://bdu.fstec.ru/vul/2023-03915",
"Source": "BDU"
},
{
"RefID": "BDU:2023-04050",
"RefURL": "https://bdu.fstec.ru/vul/2023-04050",
"Source": "BDU"
},
{
"RefID": "CVE-2023-2459",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2459",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2460",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2460",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2461",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2461",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2462",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2462",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2463",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2463",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2464",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2464",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2465",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2465",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2466",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2466",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2467",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2467",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2468",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2468",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2721",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2721",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2722",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2722",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2723",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2723",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2724",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2724",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2725",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2725",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2726",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2726",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2929",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2929",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2930",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2930",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2931",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2931",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2932",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2932",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2933",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2933",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2934",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2934",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2935",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2935",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2936",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2936",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2937",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2937",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2938",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2938",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2939",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2939",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2940",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2940",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2941",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2941",
"Source": "CVE"
},
{
"RefID": "CVE-2023-3079",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3079",
"Source": "CVE"
},
{
"RefID": "CVE-2023-3420",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3420",
"Source": "CVE"
},
{
"RefID": "CVE-2023-3421",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3421",
"Source": "CVE"
},
{
"RefID": "CVE-2023-3422",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3422",
"Source": "CVE"
},
{
"RefID": "CVE-2023-3598",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3598",
"Source": "CVE"
}
],
"Description": "This update upgrades yandex-browser-stable to version 23.7.1.1216-alt1. \nSecurity Fix(es):\n\n * BDU:2023-02350: Уязвимость реализации полноэкранного режима (Full Screen Mode) браузера Google Chrome, позволяющая нарушителю скрыть содержимое адресной строки Omnibox\n\n * BDU:2023-02367: Уязвимость реализации механизма CORS (Cross-Origin Resource Sharing) браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2023-02380: Уязвимость расширений браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2023-02383: Уязвимость технологии Picture-in-Picture (PiP) браузера Google Chrome, позволяющая нарушителю проводить фишинг-атаки\n\n * BDU:2023-02384: Уязвимость компонента Prompts браузера Google Chrome операционных систем Android, позволяющая нарушителю обойти ограничения безопасности\n\n * BDU:2023-02385: Уязвимость компонента Prompts браузера Google Chrome, позволяющая нарушителю проводить фишинг-атаки\n\n * BDU:2023-02386: Уязвимость технологии Picture-in-Picture (PiP) браузера Google Chrome, позволяющая нарушителю проводить спуфинг-атаки\n\n * BDU:2023-02387: Уязвимость компонента Prompts браузера Google Chrome, позволяющая нарушителю проводить фишинг-атаки\n\n * BDU:2023-02388: Уязвимость расширения Google Input Tools Chrome OS браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02389: Уязвимость компонента Prompts браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности\n\n * BDU:2023-02623: Уязвимость функции Navigation браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02929: Уязвимость интерфейса автозаполнения Autofill браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-02930: Уязвимость режима Guest View браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-02955: Уязвимость библиотеки SwiftShader веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-03080: Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-03442: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-03544: Уязвимость компонента WebApp Installs браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности\n\n * BDU:2023-03553: Уязвимость компонента Media браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-03628: Уязвимость компонента Guest View браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-03732: Уязвимость компонента Extensions API браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю установить произвольное расширение\n\n * BDU:2023-03733: Уязвимость установщика браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2023-03804: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-03805: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2023-03902: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-03903: Уязвимость IPC-библиотеки Mojo браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-03905: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2023-03908: Уязвимость технологии Picture In Picture браузера Google Chrome, позволяющая нарушителю проводить фишинг-атаки\n\n * BDU:2023-03909: Уязвимость обработчика PDF-содержимого браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2023-03915: Уязвимость технологии Picture In Picture браузера Google Chrome, позволяющая нарушителю проводить фишинг-атаки\n\n * BDU:2023-04050: Уязвимость загрузчика браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * CVE-2023-2459: Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2460: Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2461: Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)\n\n * CVE-2023-2462: Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2463: Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2464: Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2465: Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2466: Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-2467: Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-2468: Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low)\n\n * CVE-2023-2721: Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)\n\n * CVE-2023-2722: Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2723: Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2724: Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2725: Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2726: Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2929: Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2930: Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2931: Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)\n\n * CVE-2023-2932: Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)\n\n * CVE-2023-2933: Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)\n\n * CVE-2023-2934: Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2935: Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2936: Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-2937: Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2938: Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2939: Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)\n\n * CVE-2023-2940: Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)\n\n * CVE-2023-2941: Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. (Chromium security severity: Low)\n\n * CVE-2023-3079: Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-3420: Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-3421: Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-3422: Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2023-3598: Out of bounds read and write in ANGLE in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2023-08-11"
},
"Updated": {
"Date": "2023-08-11"
},
"BDUs": [
{
"ID": "BDU:2023-02350",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-02350",
"Impact": "Low",
"Public": "20230110"
},
{
"ID": "BDU:2023-02367",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-02367",
"Impact": "Low",
"Public": "20221210"
},
{
"ID": "BDU:2023-02380",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2023-02380",
"Impact": "High",
"Public": "20230227"
},
{
"ID": "BDU:2023-02383",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-02383",
"Impact": "Low",
"Public": "20230502"
},
{
"ID": "BDU:2023-02384",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-02384",
"Impact": "Low",
"Public": "20230502"
},
{
"ID": "BDU:2023-02385",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-02385",
"Impact": "Low",
"Public": "20230502"
},
{
"ID": "BDU:2023-02386",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-02386",
"Impact": "Low",
"Public": "20230502"
},
{
"ID": "BDU:2023-02387",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-02387",
"Impact": "Low",
"Public": "20230502"
},
{
"ID": "BDU:2023-02388",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-02388",
"Impact": "High",
"Public": "20230502"
},
{
"ID": "BDU:2023-02389",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-02389",
"Impact": "Low",
"Public": "20230502"
},
{
"ID": "BDU:2023-02623",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-02623",
"Impact": "Critical",
"Public": "20230516"
},
{
"ID": "BDU:2023-02929",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-02929",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "BDU:2023-02930",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-02930",
"Impact": "High",
"Public": "20230504"
},
{
"ID": "BDU:2023-02955",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2023-02955",
"Impact": "Critical",
"Public": "20230530"
},
{
"ID": "BDU:2023-03080",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2023-03080",
"Impact": "Critical",
"Public": "20230605"
},
{
"ID": "BDU:2023-03442",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2023-03442",
"Impact": "Critical",
"Public": "20230626"
},
{
"ID": "BDU:2023-03544",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-345, CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-03544",
"Impact": "High",
"Public": "20221227"
},
{
"ID": "BDU:2023-03553",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-03553",
"Impact": "High",
"Public": "20230626"
},
{
"ID": "BDU:2023-03628",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-03628",
"Impact": "High",
"Public": "20230626"
},
{
"ID": "BDU:2023-03732",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20, CWE-59",
"Href": "https://bdu.fstec.ru/vul/2023-03732",
"Impact": "Low",
"Public": "20230602"
},
{
"ID": "BDU:2023-03733",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20, CWE-59",
"Href": "https://bdu.fstec.ru/vul/2023-03733",
"Impact": "High",
"Public": "20230602"
},
{
"ID": "BDU:2023-03804",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2023-03804",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "BDU:2023-03805",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-03805",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "BDU:2023-03902",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2023-03902",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "BDU:2023-03903",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2023-03903",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "BDU:2023-03905",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2023-03905",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "BDU:2023-03908",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-03908",
"Impact": "Low",
"Public": "20230530"
},
{
"ID": "BDU:2023-03909",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-03909",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "BDU:2023-03915",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-03915",
"Impact": "Low",
"Public": "20230530"
},
{
"ID": "BDU:2023-04050",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2023-04050",
"Impact": "Low",
"Public": "20230530"
}
],
"CVEs": [
{
"ID": "CVE-2023-2459",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2459",
"Impact": "Low",
"Public": "20230503"
},
{
"ID": "CVE-2023-2460",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2460",
"Impact": "High",
"Public": "20230503"
},
{
"ID": "CVE-2023-2461",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2461",
"Impact": "High",
"Public": "20230503"
},
{
"ID": "CVE-2023-2462",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2462",
"Impact": "Low",
"Public": "20230503"
},
{
"ID": "CVE-2023-2463",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2463",
"Impact": "Low",
"Public": "20230503"
},
{
"ID": "CVE-2023-2464",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2464",
"Impact": "Low",
"Public": "20230503"
},
{
"ID": "CVE-2023-2465",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2465",
"Impact": "Low",
"Public": "20230503"
},
{
"ID": "CVE-2023-2466",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2466",
"Impact": "Low",
"Public": "20230503"
},
{
"ID": "CVE-2023-2467",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2467",
"Impact": "Low",
"Public": "20230503"
},
{
"ID": "CVE-2023-2468",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2468",
"Impact": "Low",
"Public": "20230503"
},
{
"ID": "CVE-2023-2721",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2721",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "CVE-2023-2722",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2722",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "CVE-2023-2723",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2723",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "CVE-2023-2724",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2724",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "CVE-2023-2725",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2725",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "CVE-2023-2726",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2726",
"Impact": "High",
"Public": "20230516"
},
{
"ID": "CVE-2023-2929",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2929",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2930",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2930",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2931",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2931",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2932",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2932",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2933",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2933",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2934",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2934",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2935",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2935",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2936",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2936",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2937",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2937",
"Impact": "Low",
"Public": "20230530"
},
{
"ID": "CVE-2023-2938",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2938",
"Impact": "Low",
"Public": "20230530"
},
{
"ID": "CVE-2023-2939",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-59",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2939",
"Impact": "High",
"Public": "20230530"
},
{
"ID": "CVE-2023-2940",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2940",
"Impact": "Low",
"Public": "20230530"
},
{
"ID": "CVE-2023-2941",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2941",
"Impact": "Low",
"Public": "20230530"
},
{
"ID": "CVE-2023-3079",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3079",
"Impact": "High",
"Public": "20230605"
},
{
"ID": "CVE-2023-3420",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3420",
"Impact": "High",
"Public": "20230626"
},
{
"ID": "CVE-2023-3421",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3421",
"Impact": "High",
"Public": "20230626"
},
{
"ID": "CVE-2023-3422",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3422",
"Impact": "High",
"Public": "20230626"
},
{
"ID": "CVE-2023-3598",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3598",
"Impact": "High",
"Public": "20230728"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20234766001",
"Comment": "yandex-browser-stable is earlier than 0:23.7.1.1216-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink