pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b1153fc0bf
vuln-list-alt/oval/c10f1/ALT-PU-2021-2394/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

745 lines
38 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20212394",
"Version": "oval:org.altlinux.errata:def:20212394",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-2394: package `chromium` update to version 92.0.4515.107-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-2394",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-2394",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-03859",
"RefURL": "https://bdu.fstec.ru/vul/2021-03859",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03860",
"RefURL": "https://bdu.fstec.ru/vul/2021-03860",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03865",
"RefURL": "https://bdu.fstec.ru/vul/2021-03865",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03866",
"RefURL": "https://bdu.fstec.ru/vul/2021-03866",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03867",
"RefURL": "https://bdu.fstec.ru/vul/2021-03867",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03872",
"RefURL": "https://bdu.fstec.ru/vul/2021-03872",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03873",
"RefURL": "https://bdu.fstec.ru/vul/2021-03873",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03904",
"RefURL": "https://bdu.fstec.ru/vul/2021-03904",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03905",
"RefURL": "https://bdu.fstec.ru/vul/2021-03905",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03906",
"RefURL": "https://bdu.fstec.ru/vul/2021-03906",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03907",
"RefURL": "https://bdu.fstec.ru/vul/2021-03907",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03908",
"RefURL": "https://bdu.fstec.ru/vul/2021-03908",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03909",
"RefURL": "https://bdu.fstec.ru/vul/2021-03909",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03910",
"RefURL": "https://bdu.fstec.ru/vul/2021-03910",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03911",
"RefURL": "https://bdu.fstec.ru/vul/2021-03911",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03912",
"RefURL": "https://bdu.fstec.ru/vul/2021-03912",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03943",
"RefURL": "https://bdu.fstec.ru/vul/2021-03943",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03956",
"RefURL": "https://bdu.fstec.ru/vul/2021-03956",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03957",
"RefURL": "https://bdu.fstec.ru/vul/2021-03957",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04024",
"RefURL": "https://bdu.fstec.ru/vul/2021-04024",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04038",
"RefURL": "https://bdu.fstec.ru/vul/2021-04038",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04234",
"RefURL": "https://bdu.fstec.ru/vul/2021-04234",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04235",
"RefURL": "https://bdu.fstec.ru/vul/2021-04235",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04236",
"RefURL": "https://bdu.fstec.ru/vul/2021-04236",
"Source": "BDU"
},
{
"RefID": "CVE-2021-30565",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30565",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30566",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30566",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30567",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30567",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30568",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30568",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30569",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30569",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30571",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30571",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30572",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30572",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30573",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30573",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30574",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30574",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30575",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30575",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30576",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30576",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30577",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30577",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30578",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30578",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30579",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30579",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30580",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30580",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30581",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30581",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30582",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30582",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30583",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30583",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30584",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30584",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30585",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30585",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30586",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30586",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30587",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30587",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30588",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30588",
"Source": "CVE"
},
{
"RefID": "CVE-2021-30589",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30589",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 92.0.4515.107-alt1. \nSecurity Fix(es):\n\n * BDU:2021-03859: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03860: Уязвимость функции печати веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03865: Уязвимость компонента Android Intents веб-браузера Google Chrome для Android, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03866: Уязвимость веб-браузера Google Chrome операционных систем Windows, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03867: Уязвимость компонента SQLite веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03872: Уязвимость функции автозаполнения Autofil веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03873: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности\n\n * BDU:2021-03904: Уязвимость компонента установки Installer веб-браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03905: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03906: Уязвимость графического процессора GPU веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03907: Уязвимость компонента Protocol Handling веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-03908: Уязвимость функции автозаполнения Autofil веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03909: Уязвимость веб-браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03910: Уязвимость функции «Sharing» («Поделиться») веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03911: Уязвимость обработчика JavaScript-сценариев V8 веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03912: Уязвимость веб-браузера Google Chrome, связанная с недостаточной проверкой введенных пользователем данных, позволяющая нарушителю проводить спуфинг-атаки\n\n * BDU:2021-03943: Уязвимость компонента Media веб-браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности\n\n * BDU:2021-03956: Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03957: Уязвимость компонента Compositing веб-браузера Google Chrome операционных систем Windows, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-04024: Уязвимость пользовательского интерфейса Chromium браузера Google Chrome, позволяющая нарушителю выполнить запись за пределами памяти\n\n * BDU:2021-04038: Уязвимость компонента WebGL веб-браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2021-04234: Уязвимость веб-браузера Google Chrome операционных систем iOS, связанная с недостатками разграничения доступа при обработке изображений, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-04235: Уязвимость компонента UI framework веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-04236: Уязвимость реализации анимации (Animation) веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * CVE-2021-30565: Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.\n\n * CVE-2021-30566: Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.\n\n * CVE-2021-30567: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.\n\n * CVE-2021-30568: Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30569: Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30571: Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2021-30572: Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30573: Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30574: Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30575: Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30576: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30577: Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file.\n\n * CVE-2021-30578: Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.\n\n * CVE-2021-30579: Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30580: Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.\n\n * CVE-2021-30581: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30582: Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-30583: Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-30584: Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.\n\n * CVE-2021-30585: Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30586: Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30587: Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2021-30588: Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-30589: Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-08-02"
},
"Updated": {
"Date": "2021-08-02"
},
"BDUs": [
{
"ID": "BDU:2021-03859",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03859",
"Impact": "High",
"Public": "20210520"
},
{
"ID": "BDU:2021-03860",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-121",
"Href": "https://bdu.fstec.ru/vul/2021-03860",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-03865",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-03865",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03866",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03866",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03867",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03867",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-03872",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03872",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-03873",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-03873",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-03904",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-03904",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03905",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03905",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03906",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03906",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-03907",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03907",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-03908",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2021-03908",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03909",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03909",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03910",
"CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-03910",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03911",
"CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2021-03911",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03912",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-451",
"Href": "https://bdu.fstec.ru/vul/2021-03912",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03943",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-908",
"Href": "https://bdu.fstec.ru/vul/2021-03943",
"Impact": "Low",
"Public": "20210721"
},
{
"ID": "BDU:2021-03956",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03956",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-03957",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-03957",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-04024",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-94",
"Href": "https://bdu.fstec.ru/vul/2021-04024",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-04038",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2021-04038",
"Impact": "High",
"Public": "20210720"
},
{
"ID": "BDU:2021-04234",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-04234",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-04235",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-04235",
"Impact": "Low",
"Public": "20210720"
},
{
"ID": "BDU:2021-04236",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-04236",
"Impact": "High",
"Public": "20210720"
}
],
"CVEs": [
{
"ID": "CVE-2021-30565",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30565",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30566",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30566",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30567",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30567",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30568",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30568",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30569",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30569",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30571",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-863",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30571",
"Impact": "Critical",
"Public": "20210803"
},
{
"ID": "CVE-2021-30572",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30572",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30573",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30573",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30574",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30574",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30575",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30575",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30576",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30576",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30577",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-732",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30577",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30578",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-908",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30578",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30579",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30579",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30580",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30580",
"Impact": "Low",
"Public": "20210803"
},
{
"ID": "CVE-2021-30581",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30581",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30582",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30582",
"Impact": "Low",
"Public": "20210803"
},
{
"ID": "CVE-2021-30583",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30583",
"Impact": "Low",
"Public": "20210803"
},
{
"ID": "CVE-2021-30584",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30584",
"Impact": "Low",
"Public": "20210803"
},
{
"ID": "CVE-2021-30585",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30585",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30586",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30586",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30587",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30587",
"Impact": "Low",
"Public": "20210803"
},
{
"ID": "CVE-2021-30588",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30588",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2021-30589",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30589",
"Impact": "Low",
"Public": "20210803"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20212394001",
"Comment": "chromium is earlier than 0:92.0.4515.107-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink