pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p10/ALT-PU-2021-3408/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

1246 lines
63 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20213408",
"Version": "oval:org.altlinux.errata:def:20213408",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-3408: package `chromium` update to version 96.0.4664.45-alt2.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit",
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-3408",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-3408",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-05226",
"RefURL": "https://bdu.fstec.ru/vul/2021-05226",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05227",
"RefURL": "https://bdu.fstec.ru/vul/2021-05227",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05500",
"RefURL": "https://bdu.fstec.ru/vul/2021-05500",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05503",
"RefURL": "https://bdu.fstec.ru/vul/2021-05503",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05504",
"RefURL": "https://bdu.fstec.ru/vul/2021-05504",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05505",
"RefURL": "https://bdu.fstec.ru/vul/2021-05505",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05583",
"RefURL": "https://bdu.fstec.ru/vul/2021-05583",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05584",
"RefURL": "https://bdu.fstec.ru/vul/2021-05584",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05589",
"RefURL": "https://bdu.fstec.ru/vul/2021-05589",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05590",
"RefURL": "https://bdu.fstec.ru/vul/2021-05590",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05615",
"RefURL": "https://bdu.fstec.ru/vul/2021-05615",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05637",
"RefURL": "https://bdu.fstec.ru/vul/2021-05637",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05839",
"RefURL": "https://bdu.fstec.ru/vul/2021-05839",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05870",
"RefURL": "https://bdu.fstec.ru/vul/2021-05870",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06093",
"RefURL": "https://bdu.fstec.ru/vul/2021-06093",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06094",
"RefURL": "https://bdu.fstec.ru/vul/2021-06094",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06131",
"RefURL": "https://bdu.fstec.ru/vul/2021-06131",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06138",
"RefURL": "https://bdu.fstec.ru/vul/2021-06138",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06262",
"RefURL": "https://bdu.fstec.ru/vul/2021-06262",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06420",
"RefURL": "https://bdu.fstec.ru/vul/2021-06420",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06423",
"RefURL": "https://bdu.fstec.ru/vul/2021-06423",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06425",
"RefURL": "https://bdu.fstec.ru/vul/2021-06425",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06429",
"RefURL": "https://bdu.fstec.ru/vul/2021-06429",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06430",
"RefURL": "https://bdu.fstec.ru/vul/2021-06430",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00030",
"RefURL": "https://bdu.fstec.ru/vul/2022-00030",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00043",
"RefURL": "https://bdu.fstec.ru/vul/2022-00043",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00045",
"RefURL": "https://bdu.fstec.ru/vul/2022-00045",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00046",
"RefURL": "https://bdu.fstec.ru/vul/2022-00046",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00058",
"RefURL": "https://bdu.fstec.ru/vul/2022-00058",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00061",
"RefURL": "https://bdu.fstec.ru/vul/2022-00061",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00062",
"RefURL": "https://bdu.fstec.ru/vul/2022-00062",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00063",
"RefURL": "https://bdu.fstec.ru/vul/2022-00063",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00064",
"RefURL": "https://bdu.fstec.ru/vul/2022-00064",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00066",
"RefURL": "https://bdu.fstec.ru/vul/2022-00066",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00067",
"RefURL": "https://bdu.fstec.ru/vul/2022-00067",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00068",
"RefURL": "https://bdu.fstec.ru/vul/2022-00068",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00071",
"RefURL": "https://bdu.fstec.ru/vul/2022-00071",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00080",
"RefURL": "https://bdu.fstec.ru/vul/2022-00080",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00142",
"RefURL": "https://bdu.fstec.ru/vul/2022-00142",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00158",
"RefURL": "https://bdu.fstec.ru/vul/2022-00158",
"Source": "BDU"
},
{
"RefID": "CVE-2021-37981",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37981",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37982",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37982",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37983",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37983",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37984",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37984",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37985",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37985",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37986",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37986",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37987",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37987",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37988",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37988",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37989",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37989",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37990",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37990",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37991",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37991",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37992",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37992",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37993",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37993",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37994",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37994",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37995",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37995",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37996",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37996",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37997",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37997",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37998",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37998",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37999",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37999",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38000",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38000",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38001",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38001",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38002",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38002",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38003",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38003",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38004",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38004",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38005",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38005",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38006",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38006",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38007",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38007",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38008",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38008",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38009",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38009",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38010",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38010",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38011",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38011",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38012",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38012",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38013",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38013",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38014",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38014",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38015",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38015",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38016",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38016",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38017",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38017",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38018",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38018",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38019",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38019",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38020",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38020",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38021",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38021",
"Source": "CVE"
},
{
"RefID": "CVE-2021-38022",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-38022",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 96.0.4664.45-alt2.p10.1. \nSecurity Fix(es):\n\n * BDU:2021-05226: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-05227: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить доступ к системе\n\n * BDU:2021-05500: Уязвимость компонента входа в систему Sign-In браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2021-05503: Уязвимость компонента Garbage Collection браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2021-05504: Уязвимость компонента Web Transport браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2021-05505: Уязвимость обработчика JavaScript-сценариев V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2021-05583: Уязвимость компонента storage foundation браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-05584: Уязвимость компонента loader браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-05589: Уязвимость компонента media браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-05590: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-05615: Уязвимость функции Автозаполнения Autofil браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-05637: Уязвимость реализации компонента «New Tab Page» («Новая вкладка») браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-05839: Уязвимость компонента Swiftshader браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-05870: Уязвимость компонента Contacts Picker браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-06093: Уязвимость компонента Navigation браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2021-06094: Уязвимость реализации ввода текста браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2021-06131: Уязвимость реализации механизма CORS браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-06138: Уязвимость компонента Referer браузера Google Chrome, связанная с неправильно реализованной проверкой безопасности для стандартных элементов, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2021-06262: Уязвимость изолированной среды iframe браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-06420: Уязвимость функции фоновой загрузки браузера Google Chrome, позволяющая нарушителю обойти политику безопасности контента и получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-06423: Уязвимость функции загрузок браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2021-06425: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2021-06429: Уязвимость набора инструментов для веб-разработки DevTools браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2021-06430: Уязвимость компонента для отображения веб-страниц WebView браузера Google Chrome, операционной системы Android, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2022-00030: Уязвимость обработчика JavaScript-сценариев V8 веб-браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-00043: Уязвимость службы Service Worker браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-00045: Уязвимость обработчика PDF-содержимого PDFium браузеров Google Chrome и Microsoft Edge, связанная с использованием памяти после её освобождения, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2022-00046: Уязвимость компонента Profiles браузера Google Chrome, позволяющая нарушителю перенаправить пользователей на вредоносную веб-страницу\n\n * BDU:2022-00058: Уязвимость графической библиотеки Skia браузера Google Chrome, позволяющая нарушителю выйти из изолированной программной среды\n\n * BDU:2022-00061: Уязвимость компонента WebAudio браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности с помощью специально созданной HTML страницы\n\n * BDU:2022-00062: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-00063: Уязвимость обработчика PDF-содержимого PDFium браузера Google Chrome, позволяющая нарушителю вызвать переполнение буфера с помощью специально созданной HTML страницы\n\n * BDU:2022-00064: Уязвимость режима инкогнито браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2022-00066: Уязвимость настроек Settings браузера Google Chrome, позволяющая нарушителю вызвать переполнение буфера\n\n * BDU:2022-00067: Уязвимость компонента cache браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-00068: Уязвимость компонента iFrame Sandbox браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2022-00071: Уязвимость установщика WebApp браузера Google Chrome , позволяющая нарушителю подделать содержимое адресной строки с помощью специально созданной HTML страницы\n\n * BDU:2022-00080: Уязвимость сетевых API браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю обойти существующие ограничения безопасности с помощью специально созданной HTML страницы\n\n * BDU:2022-00142: Уязвимость механизма аутентификации пользователей WebAuthentication браузера Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2022-00158: Уязвимость реализации функции распознавания отпечатков пальцев браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2021-37981: Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2021-37982: Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37983: Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37984: Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37985: Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37986: Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37987: Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37988: Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37989: Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page.\n\n * CVE-2021-37990: Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app.\n\n * CVE-2021-37991: Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37992: Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37993: Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37994: Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2021-37995: Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2021-37996: Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file.\n\n * CVE-2021-37997: Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37998: Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-37999: Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n\n * CVE-2021-38000: Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n\n * CVE-2021-38001: Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38002: Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2021-38003: Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38004: Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-38005: Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38006: Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38007: Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38008: Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38009: Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-38010: Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n\n * CVE-2021-38011: Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38012: Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38013: Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2021-38014: Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2021-38015: Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.\n\n * CVE-2021-38016: Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page.\n\n * CVE-2021-38017: Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2021-38018: Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page.\n\n * CVE-2021-38019: Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * CVE-2021-38020: Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2021-38021: Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.\n\n * CVE-2021-38022: Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n * #41247: Некорректное отображение окна браузера на системе с xfce\n\n * #41430: Зависает первая открытая вкладка при запуске chromium на виртуальной машине",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-11-29"
},
"Updated": {
"Date": "2021-11-29"
},
"BDUs": [
{
"ID": "BDU:2021-05226",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-749",
"Href": "https://bdu.fstec.ru/vul/2021-05226",
"Impact": "High",
"Public": "20211028"
},
{
"ID": "BDU:2021-05227",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-05227",
"Impact": "High",
"Public": "20211028"
},
{
"ID": "BDU:2021-05500",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-05500",
"Impact": "High",
"Public": "20211014"
},
{
"ID": "BDU:2021-05503",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-05503",
"Impact": "High",
"Public": "20211013"
},
{
"ID": "BDU:2021-05504",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-05504",
"Impact": "High",
"Public": "20211016"
},
{
"ID": "BDU:2021-05505",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2021-05505",
"Impact": "High",
"Public": "20211016"
},
{
"ID": "BDU:2021-05583",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-21",
"Href": "https://bdu.fstec.ru/vul/2021-05583",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2021-05584",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-05584",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2021-05589",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-05589",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2021-05590",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2021-05590",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2021-05615",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://bdu.fstec.ru/vul/2021-05615",
"Impact": "Low",
"Public": "20210707"
},
{
"ID": "BDU:2021-05637",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-05637",
"Impact": "Low",
"Public": "20210921"
},
{
"ID": "BDU:2021-05839",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-05839",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2021-05870",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-05870",
"Impact": "Low",
"Public": "20211115"
},
{
"ID": "BDU:2021-06093",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-06093",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2021-06094",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-06094",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2021-06131",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-06131",
"Impact": "Low",
"Public": "20211115"
},
{
"ID": "BDU:2021-06138",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-06138",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2021-06262",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-06262",
"Impact": "Low",
"Public": "20211115"
},
{
"ID": "BDU:2021-06420",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"CWE": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2021-06420",
"Impact": "Low",
"Public": "20211015"
},
{
"ID": "BDU:2021-06423",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-06423",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "BDU:2021-06425",
"CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://bdu.fstec.ru/vul/2021-06425",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2021-06429",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-06429",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2021-06430",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2021-06430",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "BDU:2022-00030",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2022-00030",
"Impact": "Low",
"Public": "20211115"
},
{
"ID": "BDU:2022-00043",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-00043",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2022-00045",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-00045",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2022-00046",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-00046",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2022-00058",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-00058",
"Impact": "Critical",
"Public": "20211102"
},
{
"ID": "BDU:2022-00061",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2022-00061",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2022-00062",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-00062",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2022-00063",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-00063",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2022-00064",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-00064",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2022-00066",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-00066",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2022-00067",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-00067",
"Impact": "High",
"Public": "20211115"
},
{
"ID": "BDU:2022-00068",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-00068",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "BDU:2022-00071",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-00071",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "BDU:2022-00080",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-00080",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "BDU:2022-00142",
"CVSS": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-358",
"Href": "https://bdu.fstec.ru/vul/2022-00142",
"Impact": "Low",
"Public": "20211115"
},
{
"ID": "BDU:2022-00158",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2022-00158",
"Impact": "High",
"Public": "20211115"
}
],
"CVEs": [
{
"ID": "CVE-2021-37981",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37981",
"Impact": "Critical",
"Public": "20211102"
},
{
"ID": "CVE-2021-37982",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37982",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37983",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37983",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37984",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37984",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37985",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37985",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37986",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37986",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37987",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37987",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37988",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37988",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37989",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37989",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "CVE-2021-37990",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37990",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "CVE-2021-37991",
"CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37991",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37992",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37992",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37993",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37993",
"Impact": "High",
"Public": "20211102"
},
{
"ID": "CVE-2021-37994",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37994",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "CVE-2021-37995",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37995",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "CVE-2021-37996",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37996",
"Impact": "Low",
"Public": "20211102"
},
{
"ID": "CVE-2021-37997",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37997",
"Impact": "High",
"Public": "20211123"
},
{
"ID": "CVE-2021-37998",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37998",
"Impact": "High",
"Public": "20211123"
},
{
"ID": "CVE-2021-37999",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37999",
"Impact": "Low",
"Public": "20211123"
},
{
"ID": "CVE-2021-38000",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-601",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38000",
"Impact": "Low",
"Public": "20211123"
},
{
"ID": "CVE-2021-38001",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38001",
"Impact": "High",
"Public": "20211123"
},
{
"ID": "CVE-2021-38002",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38002",
"Impact": "Critical",
"Public": "20211123"
},
{
"ID": "CVE-2021-38003",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-755",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38003",
"Impact": "High",
"Public": "20211123"
},
{
"ID": "CVE-2021-38004",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38004",
"Impact": "Low",
"Public": "20211123"
},
{
"ID": "CVE-2021-38005",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38005",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38006",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38006",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38007",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38007",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38008",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38008",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38009",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-203",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38009",
"Impact": "Low",
"Public": "20211223"
},
{
"ID": "CVE-2021-38010",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38010",
"Impact": "Low",
"Public": "20211223"
},
{
"ID": "CVE-2021-38011",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38011",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38012",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38012",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38013",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38013",
"Impact": "Critical",
"Public": "20211223"
},
{
"ID": "CVE-2021-38014",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38014",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38015",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38015",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38016",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-863",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38016",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38017",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-863",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38017",
"Impact": "High",
"Public": "20211223"
},
{
"ID": "CVE-2021-38018",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38018",
"Impact": "Low",
"Public": "20211223"
},
{
"ID": "CVE-2021-38019",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-670",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38019",
"Impact": "Low",
"Public": "20211223"
},
{
"ID": "CVE-2021-38020",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38020",
"Impact": "Low",
"Public": "20211223"
},
{
"ID": "CVE-2021-38021",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38021",
"Impact": "Low",
"Public": "20211223"
},
{
"ID": "CVE-2021-38022",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-38022",
"Impact": "Low",
"Public": "20211223"
}
],
"Bugzilla": [
{
"ID": "41247",
"Href": "https://bugzilla.altlinux.org/41247",
"Data": "Некорректное отображение окна браузера на системе с xfce"
},
{
"ID": "41430",
"Href": "https://bugzilla.altlinux.org/41430",
"Data": "Зависает первая открытая вкладка при запуске chromium на виртуальной машине"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:container:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20213408001",
"Comment": "chromium is earlier than 0:96.0.4664.45-alt2.p10.1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink