2941 lines
178 KiB
JSON
2941 lines
178 KiB
JSON
{
|
||
"Definition": [
|
||
{
|
||
"ID": "oval:org.altlinux.errata:def:20202933",
|
||
"Version": "oval:org.altlinux.errata:def:20202933",
|
||
"Class": "patch",
|
||
"Metadata": {
|
||
"Title": "ALT-PU-2020-2933: package `firefox-esr` update to version 78.3.0-alt0.1.p9",
|
||
"AffectedList": [
|
||
{
|
||
"Family": "unix",
|
||
"Platforms": [
|
||
"ALT Linux branch p9"
|
||
],
|
||
"Products": [
|
||
"ALT Server",
|
||
"ALT Virtualization Server",
|
||
"ALT Workstation",
|
||
"ALT Workstation K",
|
||
"ALT Education",
|
||
"Simply Linux",
|
||
"Starterkit"
|
||
]
|
||
}
|
||
],
|
||
"References": [
|
||
{
|
||
"RefID": "ALT-PU-2020-2933",
|
||
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-2933",
|
||
"Source": "ALTPU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-00174",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-00174",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01115",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01115",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01389",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01389",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01390",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01390",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01392",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01392",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01393",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01393",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01394",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01394",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01395",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01395",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01396",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01396",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01397",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01397",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01398",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01398",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01399",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01399",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01404",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01404",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01405",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01405",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01406",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01406",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01408",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01408",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01409",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01409",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01410",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01410",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01411",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01411",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01412",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01412",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01448",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01448",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01449",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01449",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01450",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01450",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01451",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01451",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01454",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01454",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01455",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01455",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01456",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01456",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01457",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01457",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01649",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01649",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01650",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01650",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01653",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01653",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01660",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01660",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01667",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01667",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01668",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01668",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01675",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01675",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01795",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01795",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01797",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01797",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01819",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01819",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01820",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01820",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01821",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01821",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01822",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01822",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01823",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01823",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01824",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01824",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01825",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01825",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01826",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01826",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01827",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01827",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-01970",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-01970",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-03820",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-03820",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-03821",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-03821",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-03849",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-03849",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-04504",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-04504",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00074",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00074",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00075",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00075",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00076",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00076",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00077",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00077",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00078",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00078",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00080",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00080",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00081",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00081",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00094",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00094",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00095",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00095",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00096",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00096",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00099",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00099",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01269",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01269",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-01749",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-01749",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-02028",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-02028",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-03817",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-03817",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-03845",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-03845",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-00350",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-00350",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05732",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05732",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05734",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05734",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05735",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05735",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05739",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05739",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05802",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05802",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05804",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05804",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05806",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05806",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05808",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05808",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05928",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05928",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05931",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05931",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05934",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05934",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05935",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05935",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05936",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05936",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05937",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05937",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05938",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05938",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2022-05939",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2022-05939",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11734",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11734",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11735",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11735",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11737",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11737",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11738",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11738",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11740",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11740",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11741",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11741",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11742",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11742",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11743",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11743",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11744",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11744",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11745",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11745",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11746",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11746",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11747",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11747",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11748",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11748",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11749",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11749",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11750",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11750",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11752",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11752",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11754",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11754",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11756",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11756",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11757",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11757",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11758",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11758",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11759",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11759",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11760",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11760",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11761",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11761",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11762",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11762",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11763",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11763",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11764",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11764",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-11765",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11765",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17000",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17000",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17002",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17002",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17005",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17005",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17008",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17008",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17010",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17010",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17011",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17011",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17012",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17012",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17013",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17013",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17014",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17014",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17016",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17016",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17017",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17017",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17018",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17018",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17020",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17020",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17022",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17022",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17023",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17023",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17024",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17024",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17025",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17025",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-17026",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17026",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-25136",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-25136",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2019-9812",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9812",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12387",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12387",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12390",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12390",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12391",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12391",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12392",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12392",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12394",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12394",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12395",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12395",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12396",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12396",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12399",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12399",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12402",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12402",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12405",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12405",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12406",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12406",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12407",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12407",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12408",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12408",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12409",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12409",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12410",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12410",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12411",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12411",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12412",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12412",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12413",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12413",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12415",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12415",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12416",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12416",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12417",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12417",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12418",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12418",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12419",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12419",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12420",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12420",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12421",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12421",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12422",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12422",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12423",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12423",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12424",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12424",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12425",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12425",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-12426",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12426",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15648",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15648",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15652",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15653",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15653",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15654",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15654",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15655",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15655",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15656",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15656",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15657",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15657",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15658",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15658",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15659",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15663",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15663",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15664",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15664",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15669",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15669",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15670",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15670",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15673",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15673",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15676",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15676",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15677",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15677",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-15678",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15678",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6463",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6514",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6796",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6796",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6798",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6798",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6800",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6800",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6801",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6801",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6805",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6805",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6806",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6806",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6807",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6807",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6808",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6808",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6809",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6809",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6810",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6810",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6811",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6811",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6812",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6812",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6813",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6813",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6814",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6814",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6815",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6815",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6819",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6819",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6820",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6820",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6821",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6821",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6822",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6822",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6823",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6823",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6824",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6824",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6825",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6825",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6826",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6826",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2020-6831",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-6831",
|
||
"Source": "CVE"
|
||
}
|
||
],
|
||
"Description": "This update upgrades firefox-esr to version 78.3.0-alt0.1.p9. \nSecurity Fix(es):\n\n * BDU:2020-00174: Уязвимость JIT-компилятора IonMonkey браузеров Firefox и Firefox ESR, связанная с доступом к ресурсу через несовместимые типы, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01115: Уязвимость веб-браузеров Firefox ESR и Firefox, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2020-01389: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибкой извлечения документа из DocShell, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01390: Уязвимость программного обеспечения Firefox, Firefox ESR, Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01392: Уязвимость деструктора nsDocShell веб-браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01393: Уязвимость компонента ReadableStream веб-браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, связанная с повторном освобождении области памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01394: Уязвимость компонента IndexedDB веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01395: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с отсутствием мер по защите структуры веб-страницы, позволяющая нарушителю осуществлять межсайтовые сценарные атаки\n\n * BDU:2020-01396: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с включением функциональности из ненадежной управляющей сферы, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01397: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01398: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибкой навигации событий, которые не соответствовали спецификации W3C, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-01399: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01404: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибкой переполнения буфера стека nrappkit, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01405: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01406: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибкой вызова произвольных методов у двух одинаковых документов, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность\n\n * BDU:2020-01408: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная связанна с ошибкой сохранения цепочки файлов, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01409: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибкой получения доступа к привилегированному объекту JSONView, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность\n\n * BDU:2020-01410: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01411: Уязвимость компонента account.firefox.com веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю нарушить целостность данных или вызвать отказ в обслуживании\n\n * BDU:2020-01412: Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с некорректной нейтрализацией ввода при генерации веб-страницы, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01448: Уязвимость браузера Firefox, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01449: Уязвимость браузера Firefox, связанная с элементами безопасности, включением функций из недостоверной контролируемой области, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-01450: Уязвимость программного обеспечения Firefox, Firefox-esr, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01451: Уязвимость браузеров Firefox, Firefox ESR, связанная с доступом к ресурсу через несовместимые типы, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01454: Уязвимость браузера Firefox, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01455: Уязвимость браузеров Firefox, Firefox ESR, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01456: Уязвимость браузеров Firefox, Firefox ESR, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01457: Уязвимость браузера Firefox, связанная с выходом операции за границы буфера в памятих, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-01649: Уязвимость механизма сериализации веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с отсутствием проверки размера вводимых данных при использовании буфера, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным, вызвать отказ в обслуживании и оказать воздействие на целостность данных\n\n * BDU:2020-01650: Уязвимость политики безопасности веб-браузера Firefox, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01653: Уязвимость механизма наследования политики безопасности веб-браузера Firefox, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным и оказать воздействие на целостность данных\n\n * BDU:2020-01660: Уязвимость запроса Click to Play веб-браузера Firefox, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01667: Уязвимость функции requestPointerLock() веб-браузера Firefox, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-01668: Уязвимость компонента Spidermonkey веб-браузеров Firefox, Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-01675: Уязвимость механизма идентификации по отпечатку пальца веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная использование области памяти после её освобождения, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным, вызвать отказ в обслуживании и оказать воздействие на целостность данных\n\n * BDU:2020-01795: Уязвимость компонента перерасчета объектов сеанса веб-браузера Firefox, связанная с обращение к освобожденному участку памяти, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным, вызвать отказ в обслуживании и оказать воздействие на целостность данных\n\n * BDU:2020-01797: Уязвимость механизма использования nested workers браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использование области памяти после её освобождения, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным, вызвать отказ в обслуживании и оказать воздействие на целостность данных\n\n * BDU:2020-01819: Уязвимость браузера Firefox, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-01820: Уязвимость браузера Firefox, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-01821: Уязвимость браузера Firefox, связанная с недостаточной проверкой подлинности данных, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2020-01822: Уязвимость браузера Firefox, связанная с неправильными стандартными правами доступа, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2020-01823: Уязвимость браузера Firefox, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2020-01824: Уязвимость браузера Firefox, связанная с записью за границами буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность\n\n * BDU:2020-01825: Уязвимость браузера Firefox, связанная с неправильной инициализацией данных, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2020-01826: Уязвимость браузера Firefox, связанная с неправильным назначением прав доступа для критического ресурса, позволяющая нарушителю получить несанкционированный доступ к информации\n\n * BDU:2020-01827: Уязвимость браузера Firefox, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к информации\n\n * BDU:2020-01970: Уязвимость расширения HelloRetryRequest браузера Firefox, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2020-03820: Уязвимость средства для запуска сценариев Web Worker веб-браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-03821: Уязвимость веб-браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-03849: Уязвимость механизма проверки фрагментов SCTP в WebRTC веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-04504: Уязвимость набора библиотек NSS (Network Security Services), связанная с недостатками используемых криптографических алгоритмов, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2021-00074: Уязвимость программного обеспечения Firefox, Firefox ESR, Thunderbird, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00075: Уязвимость браузера Firefox, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00076: Уязвимость программного обеспечения Firefox, Firefox ESR и Thunderbird, связанная с использованием области памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00077: Уязвимость программного обеспечения Firefox, Firefox ESR, Thunderbird, связанная с использованием области памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00078: Уязвимость веб-браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00080: Уязвимость JIT-оптимизации браузера Firefox, связанная с доступом к данным без контроля типов, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00081: Уязвимость памяти веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00094: Уязвимость модуля распаковки веб-браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, связанная с недостатком механизма проверки подлинности данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00095: Уязвимость браузера Firefox, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00096: Уязвимость модуля VideoBroadcaster :: AddOrUpdateSink браузера Firefox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2021-00099: Уязвимость подписи DSA веб-браузеров программного обеспечения Firefox, Firefox-esr и Thunderbird, связанная с раскрытием информации в результате расхождений, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2021-01269: Уязвимость опции «Копировать как cURL» веб-браузеров Firefox ESR, Firefox, почтового клиента Thunderbird, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-01749: Уязвимость реализация WebRTC веб-браузеров Google Chrome, Firefox, Firefox-ESR и почтового клиента Thunderbird, связанная с переполнением буфера кучи, позволяющая нарушителю нарушить целостность данных\n\n * BDU:2021-02028: Уязвимость компонента SharedWorkerService браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-03817: Уязвимость компонент BodyStream::OnInputStreamReady браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-03845: Уязвимость компонента 360 Total Security браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-00350: Уязвимость реализации механизма CORS почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2022-05732: Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-05734: Уязвимость браузера Mozilla Firefox и почтового клиента Thunderbird, связанная с неправильными настройками прав доступа по умолчанию, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2022-05735: Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неправильными настройками прав доступа по умолчанию, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2022-05739: Уязвимость функции nsJPEGEncoder::emptyOutputBuffer () браузера Mozilla Firefox и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-05802: Уязвимость браузера Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-05804: Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-05806: Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с чтением данных за границами буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2022-05808: Уязвимость браузера Mozilla Firefox и почтового клиента Thunderbird, связанная с чтением данных за границами буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2022-05928: Уязвимость браузера Mozilla Firefox для Windows, связанная с раскрытием информации, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-05931: Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю отключить установленные надстройки\n\n * BDU:2022-05934: Уязвимость браузера Mozilla Firefox и почтового клиента Thunderbird, связанная с наличием %2F в URL-адресе манифеста, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-05935: Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с утечкой информации в сообщениях об ошибках, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-05936: Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с неправильным использованием привилегированных API, позволяющая нарушителю установить расширение\n\n * BDU:2022-05937: Уязвимость службы Maintenance Service браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird для Windows, позволяющая нарушителю выполнить произвольный код с повышенными привилегиями\n\n * BDU:2022-05938: Уязвимость браузера Mozilla Firefox для Windows, связанная с неконтролируемым элементом пути поиска, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-05939: Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2019-11734: Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69.\n\n * CVE-2019-11735: Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11737: If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox \u003c 69.\n\n * CVE-2019-11738: If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11740: Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11741: A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user's Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process. This vulnerability affects Firefox \u003c 69.\n\n * CVE-2019-11742: A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a \u0026lt;canvas\u0026gt; element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11743: Navigation events were not fully adhering to the W3C's \"Navigation-Timing Level 2\" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11744: Some HTML elements, such as \u0026lt;title\u0026gt; and \u0026lt;textarea\u0026gt;, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11745: When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.\n\n * CVE-2019-11746: A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11747: The \"Forget about this site\" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11748: WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11749: A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11750: A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox \u003c 69 and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11752: It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.1, Thunderbird \u003c 60.9, Firefox ESR \u003c 60.9, and Firefox ESR \u003c 68.1.\n\n * CVE-2019-11754: When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox \u003c 69.0.1.\n\n * CVE-2019-11756: Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox \u003c 71.\n\n * CVE-2019-11757: When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.\n\n * CVE-2019-11758: Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.\n\n * CVE-2019-11759: An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.\n\n * CVE-2019-11760: A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.\n\n * CVE-2019-11761: By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.\n\n * CVE-2019-11762: If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.\n\n * CVE-2019-11763: Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.\n\n * CVE-2019-11764: Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.\n\n * CVE-2019-11765: A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted rather than the 'Click to Play' permission. This vulnerability affects Firefox \u003c 70.\n\n * CVE-2019-17000: An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox \u003c 70.\n\n * CVE-2019-17002: If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox \u003c 70.\n\n * CVE-2019-17005: The plain text serializer used a fixed-size array for the number of \u003col\u003e elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.\n\n * CVE-2019-17008: When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.\n\n * CVE-2019-17010: Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.\n\n * CVE-2019-17011: Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.\n\n * CVE-2019-17012: Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.3, Firefox ESR \u003c 68.3, and Firefox \u003c 71.\n\n * CVE-2019-17013: Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 71.\n\n * CVE-2019-17014: If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox \u003c 71.\n\n * CVE-2019-17016: When pasting a \u0026lt;style\u0026gt; tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR \u003c 68.4 and Firefox \u003c 72.\n\n * CVE-2019-17017: Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 68.4 and Firefox \u003c 72.\n\n * CVE-2019-17018: When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. This vulnerability affects Firefox \u003c 72.\n\n * CVE-2019-17020: If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. This vulnerability affects Firefox \u003c 72.\n\n * CVE-2019-17022: When pasting a \u0026lt;style\u0026gt; tag from the clipboard into a rich text editor, the CSS sanitizer does not escape \u0026lt; and \u0026gt; characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR \u003c 68.4 and Firefox \u003c 72.\n\n * CVE-2019-17023: After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox \u003c 72.\n\n * CVE-2019-17024: Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 68.4 and Firefox \u003c 72.\n\n * CVE-2019-17025: Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 72.\n\n * CVE-2019-17026: Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR \u003c 68.4.1, Thunderbird \u003c 68.4.1, and Firefox \u003c 72.0.1.\n\n * CVE-2019-25136: A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox \u003c 70.\n\n * CVE-2019-9812: Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR \u003c 60.9, Firefox ESR \u003c 68.1, and Firefox \u003c 69.\n\n * CVE-2020-12387: A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.\n\n * CVE-2020-12390: Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox \u003c 76.\n\n * CVE-2020-12391: Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox \u003c 76.\n\n * CVE-2020-12392: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.\n\n * CVE-2020-12394: A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox \u003c 76.\n\n * CVE-2020-12395: Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.\n\n * CVE-2020-12396: Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 76.\n\n * CVE-2020-12399: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.\n\n * CVE-2020-12402: During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox \u003c 78.\n\n * CVE-2020-12405: When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.\n\n * CVE-2020-12406: Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.\n\n * CVE-2020-12407: Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox \u003c 77.\n\n * CVE-2020-12408: When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox \u003c 77.\n\n * CVE-2020-12409: When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox \u003c 77.\n\n * CVE-2020-12410: Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.9.0, Firefox \u003c 77, and Firefox ESR \u003c 68.9.\n\n * CVE-2020-12411: Mozilla developers reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 77.\n\n * CVE-2020-12412: By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox \u003c 70.\n\n * CVE-2020-12413: The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.\n\n * CVE-2020-12415: When \"%2F\" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. This vulnerability affects Firefox \u003c 78.\n\n * CVE-2020-12416: A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox \u003c 78.\n\n * CVE-2020-12417: Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.\n\n * CVE-2020-12418: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.\n\n * CVE-2020-12419: When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.\n\n * CVE-2020-12420: When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.\n\n * CVE-2020-12421: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR \u003c 68.10, Firefox \u003c 78, and Thunderbird \u003c 68.10.0.\n\n * CVE-2020-12422: In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox \u003c 78.\n\n * CVE-2020-12423: When the Windows DLL \"webauthn.dll\" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox \u003c 78.\n\n * CVE-2020-12424: When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox \u003c 78.\n\n * CVE-2020-12425: Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox \u003c 78.\n\n * CVE-2020-12426: Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 78.\n\n * CVE-2020-15648: Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird \u003c 78 and Firefox \u003c 78.0.2.\n\n * CVE-2020-15652: By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.\n\n * CVE-2020-15653: An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.\n\n * CVE-2020-15654: When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.\n\n * CVE-2020-15655: A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.\n\n * CVE-2020-15656: JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.\n\n * CVE-2020-15657: Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.\n\n * CVE-2020-15658: The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.\n\n * CVE-2020-15659: Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.\n\n * CVE-2020-15663: If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with System Privileges. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 80, Thunderbird \u003c 78.2, Thunderbird \u003c 68.12, Firefox ESR \u003c 68.12, and Firefox ESR \u003c 78.2.\n\n * CVE-2020-15664: By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. This vulnerability affects Firefox \u003c 80, Thunderbird \u003c 78.2, Thunderbird \u003c 68.12, Firefox ESR \u003c 68.12, Firefox ESR \u003c 78.2, and Firefox for Android \u003c 80.\n\n * CVE-2020-15669: When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 68.12 and Thunderbird \u003c 68.12.\n\n * CVE-2020-15670: Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 80, Firefox ESR \u003c 78.2, Thunderbird \u003c 78.2, and Firefox for Android \u003c 80.\n\n * CVE-2020-15673: Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.\n\n * CVE-2020-15676: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.\n\n * CVE-2020-15677: By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.\n\n * CVE-2020-15678: When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.\n\n * CVE-2020-6463: Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2020-6514: Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.\n\n * CVE-2020-6796: A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5.\n\n * CVE-2020-6798: If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird \u003c 68.5, Firefox \u003c 73, and Firefox \u003c ESR68.5.\n\n * CVE-2020-6800: Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird \u003c 68.5, Firefox \u003c 73, and Firefox \u003c ESR68.5.\n\n * CVE-2020-6801: Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 73.\n\n * CVE-2020-6805: When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.\n\n * CVE-2020-6806: By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.\n\n * CVE-2020-6807: When a device was changed while a stream was about to be destroyed, the \u003ccode\u003estream-reinit\u003c/code\u003e task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.\n\n * CVE-2020-6808: When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document. This vulnerability affects Firefox \u003c 74.\n\n * CVE-2020-6809: When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files. This vulnerability affects Firefox \u003c 74.\n\n * CVE-2020-6810: After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks. This vulnerability affects Firefox \u003c 74.\n\n * CVE-2020-6811: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.\n\n * CVE-2020-6812: The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.\n\n * CVE-2020-6813: When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox \u003c 74.\n\n * CVE-2020-6814: Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.6, Firefox \u003c 74, Firefox \u003c ESR68.6, and Firefox ESR \u003c 68.6.\n\n * CVE-2020-6815: Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 74.\n\n * CVE-2020-6819: Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox \u003c 74.0.1, and Firefox ESR \u003c 68.6.1.\n\n * CVE-2020-6820: Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox \u003c 74.0.1, and Firefox ESR \u003c 68.6.1.\n\n * CVE-2020-6821: When reading from areas partially or fully outside the source resource with WebGL's \u003ccode\u003ecopyTexSubImage\u003c/code\u003e method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox ESR \u003c 68.7, and Firefox \u003c 75.\n\n * CVE-2020-6822: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in \u003ccode\u003eGMPDecodeData\u003c/code\u003e. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox ESR \u003c 68.7, and Firefox \u003c 75.\n\n * CVE-2020-6823: A malicious extension could have called \u003ccode\u003ebrowser.identity.launchWebAuthFlow\u003c/code\u003e, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox \u003c 75.\n\n * CVE-2020-6824: Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox \u003c 75.\n\n * CVE-2020-6825: Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox ESR \u003c 68.7, and Firefox \u003c 75.\n\n * CVE-2020-6826: Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 75.\n\n * CVE-2020-6831: A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 68.8, Firefox \u003c 76, and Thunderbird \u003c 68.8.0.\n\n * MFSA-2020-00: description unavailable",
|
||
"Advisory": {
|
||
"From": "errata.altlinux.org",
|
||
"Severity": "Critical",
|
||
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||
"Issued": {
|
||
"Date": "2020-10-03"
|
||
},
|
||
"Updated": {
|
||
"Date": "2020-10-03"
|
||
},
|
||
"BDUs": [
|
||
{
|
||
"ID": "BDU:2020-00174",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-00174",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01115",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01115",
|
||
"Impact": "High",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01389",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01389",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01390",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01390",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01392",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01392",
|
||
"Impact": "Low",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01393",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-415, CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01393",
|
||
"Impact": "Low",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01394",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01394",
|
||
"Impact": "High",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01395",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01395",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01396",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-829",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01396",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01397",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01397",
|
||
"Impact": "Critical",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01398",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01398",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01399",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01399",
|
||
"Impact": "High",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01404",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01404",
|
||
"Impact": "High",
|
||
"Public": "20200113"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01405",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01405",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01406",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-346",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01406",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01408",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01408",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01409",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||
"CWE": "CWE-269",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01409",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01410",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01410",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01411",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01411",
|
||
"Impact": "Critical",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01412",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01412",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01448",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01448",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01449",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
|
||
"CWE": "CWE-829",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01449",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01450",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01450",
|
||
"Impact": "Low",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01451",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01451",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01454",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01454",
|
||
"Impact": "Low",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01455",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01455",
|
||
"Impact": "Low",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01456",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01456",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01457",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01457",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01649",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01649",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01650",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01650",
|
||
"Impact": "Low",
|
||
"Public": "20191022"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01653",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01653",
|
||
"Impact": "Low",
|
||
"Public": "20191022"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01660",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-276",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01660",
|
||
"Impact": "Low",
|
||
"Public": "20191022"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01667",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01667",
|
||
"Impact": "Low",
|
||
"Public": "20190903"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01668",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-704",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01668",
|
||
"Impact": "Low",
|
||
"Public": "20190903"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01675",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01675",
|
||
"Impact": "High",
|
||
"Public": "20190903"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01795",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01795",
|
||
"Impact": "High",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01797",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01797",
|
||
"Impact": "High",
|
||
"Public": "20191129"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01819",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01819",
|
||
"Impact": "Critical",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01820",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01820",
|
||
"Impact": "Critical",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01821",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-345",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01821",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01822",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-276",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01822",
|
||
"Impact": "High",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01823",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01823",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01824",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01824",
|
||
"Impact": "High",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01825",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-665",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01825",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01826",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-732",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01826",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01827",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01827",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-01970",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-287",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-01970",
|
||
"Impact": "Low",
|
||
"Public": "20191203"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-03820",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-03820",
|
||
"Impact": "High",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-03821",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-03821",
|
||
"Impact": "Critical",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-03849",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-03849",
|
||
"Impact": "Critical",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-04504",
|
||
"CVSS": "AV:L/AC:H/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-327",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-04504",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00074",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00074",
|
||
"Impact": "Critical",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00075",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00075",
|
||
"Impact": "Critical",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00076",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00076",
|
||
"Impact": "Critical",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00077",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00077",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00078",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00078",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00080",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00080",
|
||
"Impact": "Critical",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00081",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00081",
|
||
"Impact": "High",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00094",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-345",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00094",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00095",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00095",
|
||
"Impact": "Critical",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00096",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00096",
|
||
"Impact": "Critical",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00099",
|
||
"CVSS": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-203",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00099",
|
||
"Impact": "Low",
|
||
"Public": "20200602"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01269",
|
||
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01269",
|
||
"Impact": "Low",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-01749",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-122",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-01749",
|
||
"Impact": "Low",
|
||
"Public": "20200722"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-02028",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-02028",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-03817",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-03817",
|
||
"Impact": "High",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-03845",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-03845",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-00350",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-829",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-00350",
|
||
"Impact": "Low",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05732",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119, CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05732",
|
||
"Impact": "High",
|
||
"Public": "20200310"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05734",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-276, CWE-451",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05734",
|
||
"Impact": "Low",
|
||
"Public": "20200630"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05735",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-264, CWE-276",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05735",
|
||
"Impact": "Low",
|
||
"Public": "20200728"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05739",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-125, CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05739",
|
||
"Impact": "High",
|
||
"Public": "20200630"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05802",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05802",
|
||
"Impact": "High",
|
||
"Public": "20200825"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05804",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119, CWE-120",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05804",
|
||
"Impact": "High",
|
||
"Public": "20200825"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05806",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-125, CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05806",
|
||
"Impact": "Low",
|
||
"Public": "20200630"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05808",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05808",
|
||
"Impact": "Low",
|
||
"Public": "20200630"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05928",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05928",
|
||
"Impact": "Low",
|
||
"Public": "20200107"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05931",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-295",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05931",
|
||
"Impact": "Low",
|
||
"Public": "20200630"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05934",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-22, CWE-138",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05934",
|
||
"Impact": "Low",
|
||
"Public": "20200630"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05935",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-209, CWE-346",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05935",
|
||
"Impact": "Low",
|
||
"Public": "20200728"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05936",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-648, CWE-863",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05936",
|
||
"Impact": "Low",
|
||
"Public": "20200825"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05937",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-282, CWE-427",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05937",
|
||
"Impact": "High",
|
||
"Public": "20200825"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05938",
|
||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-427",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05938",
|
||
"Impact": "High",
|
||
"Public": "20200630"
|
||
},
|
||
{
|
||
"ID": "BDU:2022-05939",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119, CWE-787",
|
||
"Href": "https://bdu.fstec.ru/vul/2022-05939",
|
||
"Impact": "High",
|
||
"Public": "20200407"
|
||
}
|
||
],
|
||
"CVEs": [
|
||
{
|
||
"ID": "CVE-2019-11734",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11734",
|
||
"Impact": "Critical",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11735",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11735",
|
||
"Impact": "High",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11737",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-345",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11737",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11738",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11738",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11740",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11740",
|
||
"Impact": "High",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11741",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11741",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11742",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-829",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11742",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11743",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-203",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11743",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11744",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11744",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11745",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11745",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11746",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11746",
|
||
"Impact": "High",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11747",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-665",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11747",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11748",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-281",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11748",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11749",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11749",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11750",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11750",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11752",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11752",
|
||
"Impact": "High",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11754",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11754",
|
||
"Impact": "Low",
|
||
"Public": "20190927"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11756",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11756",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11757",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11757",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11758",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11758",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11759",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-120",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11759",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11760",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11760",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11761",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11761",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11762",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-346",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11762",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11763",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11763",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11764",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11764",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-11765",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-276",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11765",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17000",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17000",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17002",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17002",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17005",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17005",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17008",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17008",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17010",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17010",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17011",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17011",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17012",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17012",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17013",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17013",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17014",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
|
||
"CWE": "CWE-863",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17014",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17016",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17016",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17017",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17017",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17018",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17018",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17020",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-611",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17020",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17022",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17022",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17023",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-287",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17023",
|
||
"Impact": "Low",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17024",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17024",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17025",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17025",
|
||
"Impact": "High",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-17026",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17026",
|
||
"Impact": "High",
|
||
"Public": "20200302"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-25136",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-25136",
|
||
"Impact": "Critical",
|
||
"Public": "20230619"
|
||
},
|
||
{
|
||
"ID": "CVE-2019-9812",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9812",
|
||
"Impact": "Critical",
|
||
"Public": "20200108"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12387",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12387",
|
||
"Impact": "High",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12390",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-502",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12390",
|
||
"Impact": "Critical",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12391",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-863",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12391",
|
||
"Impact": "High",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12392",
|
||
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-22",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12392",
|
||
"Impact": "Low",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12394",
|
||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12394",
|
||
"Impact": "Low",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12395",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12395",
|
||
"Impact": "Critical",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12396",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12396",
|
||
"Impact": "Critical",
|
||
"Public": "20200526"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12399",
|
||
"CVSS": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-203",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12399",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12402",
|
||
"CVSS": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-203",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12402",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12405",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12405",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12406",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-345",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12406",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12407",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12407",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12408",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12408",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12409",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-Other",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12409",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12410",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12410",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12411",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12411",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12412",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "NVD-CWE-Other",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12412",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12413",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-203",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12413",
|
||
"Impact": "Low",
|
||
"Public": "20230216"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12415",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-276",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12415",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12416",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12416",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12417",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12417",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12418",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12418",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12419",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12419",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12420",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12420",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12421",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-295",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12421",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12422",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12422",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12423",
|
||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-427",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12423",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12424",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-276",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12424",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12425",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12425",
|
||
"Impact": "Low",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-12426",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12426",
|
||
"Impact": "High",
|
||
"Public": "20200709"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15648",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-1021",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15648",
|
||
"Impact": "Low",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15652",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-346",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
|
||
"Impact": "Low",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15653",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "NVD-CWE-Other",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15653",
|
||
"Impact": "Low",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15654",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-835",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15654",
|
||
"Impact": "Low",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15655",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15655",
|
||
"Impact": "Low",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15656",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-843",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15656",
|
||
"Impact": "High",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15657",
|
||
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-427",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15657",
|
||
"Impact": "High",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15658",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-754",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15658",
|
||
"Impact": "Low",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15659",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
|
||
"Impact": "High",
|
||
"Public": "20200810"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15663",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-427",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15663",
|
||
"Impact": "High",
|
||
"Public": "20201001"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15664",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-863",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15664",
|
||
"Impact": "Low",
|
||
"Public": "20201001"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15669",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15669",
|
||
"Impact": "High",
|
||
"Public": "20201001"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15670",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15670",
|
||
"Impact": "High",
|
||
"Public": "20201001"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15673",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15673",
|
||
"Impact": "High",
|
||
"Public": "20201001"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15676",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15676",
|
||
"Impact": "Low",
|
||
"Public": "20201001"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15677",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-601",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15677",
|
||
"Impact": "Low",
|
||
"Public": "20201001"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-15678",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15678",
|
||
"Impact": "High",
|
||
"Public": "20201001"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6463",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
|
||
"Impact": "High",
|
||
"Public": "20200521"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6514",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
|
||
"Impact": "Low",
|
||
"Public": "20200722"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6796",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6796",
|
||
"Impact": "High",
|
||
"Public": "20200302"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6798",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6798",
|
||
"Impact": "Low",
|
||
"Public": "20200302"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6800",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6800",
|
||
"Impact": "High",
|
||
"Public": "20200302"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6801",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6801",
|
||
"Impact": "High",
|
||
"Public": "20200302"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6805",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6805",
|
||
"Impact": "High",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6806",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6806",
|
||
"Impact": "High",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6807",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6807",
|
||
"Impact": "High",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6808",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-290",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6808",
|
||
"Impact": "Low",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6809",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6809",
|
||
"Impact": "High",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6810",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-290",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6810",
|
||
"Impact": "Low",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6811",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-77",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6811",
|
||
"Impact": "High",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6812",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6812",
|
||
"Impact": "Low",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6813",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "NVD-CWE-Other",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6813",
|
||
"Impact": "Low",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6814",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6814",
|
||
"Impact": "Critical",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6815",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6815",
|
||
"Impact": "Critical",
|
||
"Public": "20200325"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6819",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6819",
|
||
"Impact": "High",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6820",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6820",
|
||
"Impact": "High",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6821",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-908",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6821",
|
||
"Impact": "High",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6822",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6822",
|
||
"Impact": "High",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6823",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-862",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6823",
|
||
"Impact": "Critical",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6824",
|
||
"CVSS": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-384",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6824",
|
||
"Impact": "Low",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6825",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6825",
|
||
"Impact": "Critical",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6826",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6826",
|
||
"Impact": "Critical",
|
||
"Public": "20200424"
|
||
},
|
||
{
|
||
"ID": "CVE-2020-6831",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-6831",
|
||
"Impact": "Critical",
|
||
"Public": "20200526"
|
||
}
|
||
],
|
||
"AffectedCPEs": {
|
||
"CPEs": [
|
||
"cpe:/o:alt:kworkstation:9",
|
||
"cpe:/o:alt:workstation:9",
|
||
"cpe:/o:alt:server:9",
|
||
"cpe:/o:alt:server-v:9",
|
||
"cpe:/o:alt:education:9",
|
||
"cpe:/o:alt:slinux:9",
|
||
"cpe:/o:alt:starterkit:p9"
|
||
]
|
||
}
|
||
}
|
||
},
|
||
"Criteria": {
|
||
"Operator": "AND",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:1001",
|
||
"Comment": "ALT Linux must be installed"
|
||
}
|
||
],
|
||
"Criterias": [
|
||
{
|
||
"Operator": "OR",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20202933001",
|
||
"Comment": "firefox-esr is earlier than 0:78.3.0-alt0.1.p9"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20202933002",
|
||
"Comment": "firefox-esr-config-privacy is earlier than 0:78.3.0-alt0.1.p9"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20202933003",
|
||
"Comment": "firefox-esr-wayland is earlier than 0:78.3.0-alt0.1.p9"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
}
|
||
]
|
||
} |