pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b1153fc0bf
vuln-list-alt/oval/c9f2/ALT-PU-2024-14996/definitions.json
pepelyaevip ea3367c91f ALT Vulnerability
2024-11-07 03:04:18 +00:00

538 lines
28 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414996",
"Version": "oval:org.altlinux.errata:def:202414996",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14996: package `yandex-browser-stable` update to version 24.7.6.1018-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14996",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14996",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-04338",
"RefURL": "https://bdu.fstec.ru/vul/2024-04338",
"Source": "BDU"
},
{
"RefID": "BDU:2024-04339",
"RefURL": "https://bdu.fstec.ru/vul/2024-04339",
"Source": "BDU"
},
{
"RefID": "BDU:2024-04341",
"RefURL": "https://bdu.fstec.ru/vul/2024-04341",
"Source": "BDU"
},
{
"RefID": "BDU:2024-04342",
"RefURL": "https://bdu.fstec.ru/vul/2024-04342",
"Source": "BDU"
},
{
"RefID": "BDU:2024-04865",
"RefURL": "https://bdu.fstec.ru/vul/2024-04865",
"Source": "BDU"
},
{
"RefID": "BDU:2024-04866",
"RefURL": "https://bdu.fstec.ru/vul/2024-04866",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06067",
"RefURL": "https://bdu.fstec.ru/vul/2024-06067",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06109",
"RefURL": "https://bdu.fstec.ru/vul/2024-06109",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06110",
"RefURL": "https://bdu.fstec.ru/vul/2024-06110",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06111",
"RefURL": "https://bdu.fstec.ru/vul/2024-06111",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06112",
"RefURL": "https://bdu.fstec.ru/vul/2024-06112",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06113",
"RefURL": "https://bdu.fstec.ru/vul/2024-06113",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06114",
"RefURL": "https://bdu.fstec.ru/vul/2024-06114",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06115",
"RefURL": "https://bdu.fstec.ru/vul/2024-06115",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06132",
"RefURL": "https://bdu.fstec.ru/vul/2024-06132",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06562",
"RefURL": "https://bdu.fstec.ru/vul/2024-06562",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06704",
"RefURL": "https://bdu.fstec.ru/vul/2024-06704",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07084",
"RefURL": "https://bdu.fstec.ru/vul/2024-07084",
"Source": "BDU"
},
{
"RefID": "CVE-2024-4558",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Source": "CVE"
},
{
"RefID": "CVE-2024-4559",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-4559",
"Source": "CVE"
},
{
"RefID": "CVE-2024-5496",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-5496",
"Source": "CVE"
},
{
"RefID": "CVE-2024-5497",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-5497",
"Source": "CVE"
},
{
"RefID": "CVE-2024-5498",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-5498",
"Source": "CVE"
},
{
"RefID": "CVE-2024-5499",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-5499",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6473",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6473",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6772",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6772",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6773",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6773",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6774",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6774",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6775",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6775",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6776",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6776",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6777",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6777",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6778",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6778",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6779",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6779",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6990",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6990",
"Source": "CVE"
},
{
"RefID": "CVE-2024-7965",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-7965",
"Source": "CVE"
},
{
"RefID": "CVE-2024-7971",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-7971",
"Source": "CVE"
}
],
"Description": "This update upgrades yandex-browser-stable to version 24.7.6.1018-alt1. \nSecurity Fix(es):\n\n * BDU:2024-04338: Уязвимость компонента Keyboard Inputs браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2024-04339: Уязвимость интерфейса Presentation API браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2024-04341: Уязвимость интерфейса Streams API браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-04342: Уязвимость интерфейса Media Session API браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-04865: Уязвимость элемента WebAudio браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-04866: Уязвимость библиотеки ANGLE браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-06067: Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить полный контроль над приложением\n\n * BDU:2024-06109: Уязвимость компонента Audio браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации, выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06110: Уязвимость функции Navigation браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации, выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06111: Уязвимость компонента Media Stream (Трансляция) браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации, выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06112: Уязвимость функции захват экрана (Screen Capture) браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации, выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06113: Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю обойти защитный механизм песочницы, получить несанкционированный доступ к защищаемой информации, выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06114: Уязвимость набора инструментов для веб-разработки DevTools браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации, выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06115: Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации, выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06132: Уязвимость компонента Dawn браузеров Google Chrome и Microsoft Edge операционных систем Android, позволяющая нарушителю обойти защитный механизм песочницы и выполнить произвольный код\n\n * BDU:2024-06562: Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код с помощью специально сформированной HTML-страницы\n\n * BDU:2024-06704: Уязвимость браузера Yandex Browser, связана с использованием ненадёжного пути поиска, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-07084: Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю повредить динамическую память\n\n * CVE-2024-4558: Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-4559: Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-5496: Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-5497: Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-5498: Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-5499: Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-6473: Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used.\n\n * CVE-2024-6772: Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-6773: Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-6774: Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-6775: Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-6776: Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-6777: Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)\n\n * CVE-2024-6778: Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)\n\n * CVE-2024-6779: Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-6990: Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)\n\n * CVE-2024-7965: Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * CVE-2024-7971: Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n * #51152: Перестали применяться анимационные фоны в Яндекс браузере после обновления ffmpeg-plugin-browser",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-06"
},
"Updated": {
"Date": "2024-11-06"
},
"BDUs": [
{
"ID": "BDU:2024-04338",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2024-04338",
"Impact": "High",
"Public": "20240507"
},
{
"ID": "BDU:2024-04339",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-04339",
"Impact": "High",
"Public": "20240509"
},
{
"ID": "BDU:2024-04341",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2024-04341",
"Impact": "High",
"Public": "20240511"
},
{
"ID": "BDU:2024-04342",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-04342",
"Impact": "High",
"Public": "20240506"
},
{
"ID": "BDU:2024-04865",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2024-04865",
"Impact": "High",
"Public": "20240507"
},
{
"ID": "BDU:2024-04866",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-04866",
"Impact": "High",
"Public": "20240507"
},
{
"ID": "BDU:2024-06067",
"CVSS": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-125, CWE-358",
"Href": "https://bdu.fstec.ru/vul/2024-06067",
"Impact": "Low",
"Public": "20240612"
},
{
"ID": "BDU:2024-06109",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06109",
"Impact": "High",
"Public": "20240612"
},
{
"ID": "BDU:2024-06110",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06110",
"Impact": "High",
"Public": "20240607"
},
{
"ID": "BDU:2024-06111",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06111",
"Impact": "High",
"Public": "20240615"
},
{
"ID": "BDU:2024-06112",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06112",
"Impact": "High",
"Public": "20240613"
},
{
"ID": "BDU:2024-06113",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2024-06113",
"Impact": "High",
"Public": "20240706"
},
{
"ID": "BDU:2024-06114",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-362, CWE-366",
"Href": "https://bdu.fstec.ru/vul/2024-06114",
"Impact": "High",
"Public": "20240516"
},
{
"ID": "BDU:2024-06115",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2024-06115",
"Impact": "High",
"Public": "20240617"
},
{
"ID": "BDU:2024-06132",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-457",
"Href": "https://bdu.fstec.ru/vul/2024-06132",
"Impact": "High",
"Public": "20240715"
},
{
"ID": "BDU:2024-06562",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2024-06562",
"Impact": "High",
"Public": "20240821"
},
{
"ID": "BDU:2024-06704",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-426",
"Href": "https://bdu.fstec.ru/vul/2024-06704",
"Impact": "High",
"Public": "20240903"
},
{
"ID": "BDU:2024-07084",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2024-07084",
"Impact": "High",
"Public": "20240821"
}
],
"CVEs": [
{
"ID": "CVE-2024-4558",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4558",
"Impact": "None",
"Public": "20240507"
},
{
"ID": "CVE-2024-4559",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4559",
"Impact": "None",
"Public": "20240507"
},
{
"ID": "CVE-2024-5496",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5496",
"Impact": "None",
"Public": "20240530"
},
{
"ID": "CVE-2024-5497",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5497",
"Impact": "None",
"Public": "20240530"
},
{
"ID": "CVE-2024-5498",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5498",
"Impact": "None",
"Public": "20240530"
},
{
"ID": "CVE-2024-5499",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5499",
"Impact": "None",
"Public": "20240530"
},
{
"ID": "CVE-2024-6473",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-426",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6473",
"Impact": "High",
"Public": "20240903"
},
{
"ID": "CVE-2024-6772",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6772",
"Impact": "None",
"Public": "20240716"
},
{
"ID": "CVE-2024-6773",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6773",
"Impact": "None",
"Public": "20240716"
},
{
"ID": "CVE-2024-6774",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6774",
"Impact": "None",
"Public": "20240716"
},
{
"ID": "CVE-2024-6775",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6775",
"Impact": "None",
"Public": "20240716"
},
{
"ID": "CVE-2024-6776",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6776",
"Impact": "None",
"Public": "20240716"
},
{
"ID": "CVE-2024-6777",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6777",
"Impact": "None",
"Public": "20240716"
},
{
"ID": "CVE-2024-6778",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6778",
"Impact": "None",
"Public": "20240716"
},
{
"ID": "CVE-2024-6779",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6779",
"Impact": "None",
"Public": "20240716"
},
{
"ID": "CVE-2024-6990",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-908",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6990",
"Impact": "High",
"Public": "20240801"
},
{
"ID": "CVE-2024-7965",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-7965",
"Impact": "High",
"Public": "20240821"
},
{
"ID": "CVE-2024-7971",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-7971",
"Impact": "High",
"Public": "20240821"
}
],
"Bugzilla": [
{
"ID": "51152",
"Href": "https://bugzilla.altlinux.org/51152",
"Data": "Перестали применяться анимационные фоны в Яндекс браузере после обновления ffmpeg-plugin-browser"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414996001",
"Comment": "yandex-browser-stable is earlier than 0:24.7.6.1018-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink