pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p9/ALT-PU-2018-2308/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

188 lines
7.7 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20182308",
"Version": "oval:org.altlinux.errata:def:20182308",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2018-2308: package `libwebkitgtk4` update to version 2.22.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2018-2308",
"RefURL": "https://errata.altlinux.org/ALT-PU-2018-2308",
"Source": "ALTPU"
},
{
"RefID": "CVE-2018-11646",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-11646",
"Source": "CVE"
},
{
"RefID": "CVE-2018-4207",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-4207",
"Source": "CVE"
},
{
"RefID": "CVE-2018-4208",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-4208",
"Source": "CVE"
},
{
"RefID": "CVE-2018-4210",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-4210",
"Source": "CVE"
},
{
"RefID": "CVE-2018-4213",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-4213",
"Source": "CVE"
}
],
"Description": "This update upgrades libwebkitgtk4 to version 2.22.0-alt1. \nSecurity Fix(es):\n\n * CVE-2018-11646: webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.\n\n * CVE-2018-4207: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.\n\n * CVE-2018-4208: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.\n\n * CVE-2018-4210: In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.\n\n * CVE-2018-4213: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2018-09-12"
},
"Updated": {
"Date": "2018-09-12"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2018-11646",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-11646",
"Impact": "High",
"Public": "20180601"
},
{
"ID": "CVE-2018-4207",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-4207",
"Impact": "High",
"Public": "20190111"
},
{
"ID": "CVE-2018-4208",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-4208",
"Impact": "High",
"Public": "20190111"
},
{
"ID": "CVE-2018-4210",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-129",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-4210",
"Impact": "High",
"Public": "20190111"
},
{
"ID": "CVE-2018-4213",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-4213",
"Impact": "High",
"Public": "20190111"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20182308001",
"Comment": "jsc4 is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308002",
"Comment": "libjavascriptcoregtk4 is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308003",
"Comment": "libjavascriptcoregtk4-devel is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308004",
"Comment": "libjavascriptcoregtk4-gir is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308005",
"Comment": "libjavascriptcoregtk4-gir-devel is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308006",
"Comment": "libwebkit2gtk is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308007",
"Comment": "libwebkit2gtk-devel is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308008",
"Comment": "libwebkit2gtk-gir is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308009",
"Comment": "libwebkit2gtk-gir-devel is earlier than 0:2.22.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182308010",
"Comment": "webkitgtk-minibrowser is earlier than 0:2.22.0-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink