pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f4bd77dc1c
vuln-list-alt/oval/p9/ALT-PU-2018-2599/definitions.json
pepelyaevip acb7c66c0a ALT Vulnerability
2024-06-29 15:04:56 +00:00

581 lines
28 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20182599",
"Version": "oval:org.altlinux.errata:def:20182599",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2018-2599: package `chromium` update to version 70.0.3538.67-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2018-2599",
"RefURL": "https://errata.altlinux.org/ALT-PU-2018-2599",
"Source": "ALTPU"
},
{
"RefID": "BDU:2018-01336",
"RefURL": "https://bdu.fstec.ru/vul/2018-01336",
"Source": "BDU"
},
{
"RefID": "BDU:2018-01337",
"RefURL": "https://bdu.fstec.ru/vul/2018-01337",
"Source": "BDU"
},
{
"RefID": "BDU:2018-01338",
"RefURL": "https://bdu.fstec.ru/vul/2018-01338",
"Source": "BDU"
},
{
"RefID": "BDU:2018-01339",
"RefURL": "https://bdu.fstec.ru/vul/2018-01339",
"Source": "BDU"
},
{
"RefID": "BDU:2018-01340",
"RefURL": "https://bdu.fstec.ru/vul/2018-01340",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04356",
"RefURL": "https://bdu.fstec.ru/vul/2019-04356",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04357",
"RefURL": "https://bdu.fstec.ru/vul/2019-04357",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04358",
"RefURL": "https://bdu.fstec.ru/vul/2019-04358",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04359",
"RefURL": "https://bdu.fstec.ru/vul/2019-04359",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04360",
"RefURL": "https://bdu.fstec.ru/vul/2019-04360",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04361",
"RefURL": "https://bdu.fstec.ru/vul/2019-04361",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04378",
"RefURL": "https://bdu.fstec.ru/vul/2019-04378",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04379",
"RefURL": "https://bdu.fstec.ru/vul/2019-04379",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04380",
"RefURL": "https://bdu.fstec.ru/vul/2019-04380",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04381",
"RefURL": "https://bdu.fstec.ru/vul/2019-04381",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04383",
"RefURL": "https://bdu.fstec.ru/vul/2019-04383",
"Source": "BDU"
},
{
"RefID": "CVE-2018-17462",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17462",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17463",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17463",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17464",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17464",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17465",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17465",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17466",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17466",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17467",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17467",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17468",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17468",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17469",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17469",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17470",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17470",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17471",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17471",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17472",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17472",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17473",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17473",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17474",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17474",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17475",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17475",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17476",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17476",
"Source": "CVE"
},
{
"RefID": "CVE-2018-17477",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-17477",
"Source": "CVE"
},
{
"RefID": "CVE-2018-20071",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-20071",
"Source": "CVE"
},
{
"RefID": "CVE-2018-5179",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-5179",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 70.0.3538.67-alt1. \nSecurity Fix(es):\n\n * BDU:2018-01336: Уязвимость компонента AppCache веб-браузера Chrome, позволяющая нарушителю выйти из изолированной среды и выполнить произвольный код\n\n * BDU:2018-01337: Уязвимость обработчика JavaScript-сценариев V8 веб-браузера Chrome, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2018-01338: Уязвимость компонента Omnibox веб-браузера Chrome, позволяющая нарушителю подменить адрес URI\n\n * BDU:2018-01339: Уязвимость библиотеи angle веб-браузера Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2018-01340: Уязвимость компонента Omnibox веб-браузера Chrome, позволяющая нарушителю подменить адрес URI\n\n * BDU:2019-04356: Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании\n\n * BDU:2019-04357: Уязвимость механизма отображения веб-страниц Blink браузера Google Chrome, позволяющая нарушителю получить URL-адреса перекрестного происхождения\n\n * BDU:2019-04358: Уязвимость обработчика PDF-содержимого PDFium браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-04359: Уязвимость реализации движка графического процессора браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04360: Уязвимость браузера Google Chrome, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю скрыть предупреждение о переходе в полноэкранный режим\n\n * BDU:2019-04361: Уязвимость браузера Google Chrome, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю осуществить подмену содержимого компонента Omnibox (URL)\n\n * BDU:2019-04378: Уязвимость функции HTMLImportsController механизма отображения веб-страниц Blink браузера Google Chrome, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2019-04379: Уязвимость браузера Google Chrome, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю осуществить подмену содержимого компонента Omnibox (URL)\n\n * BDU:2019-04380: Уязвимость компонента Cast браузера Google Chrome, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю скрыть предупреждение о переходе в полноэкранный режим\n\n * BDU:2019-04381: Уязвимость браузера Google Chrome, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю осуществить подмену пользовательского интерфейса во вкладке «Расширения»\n\n * BDU:2019-04383: Уязвимость скрипта ServiceWorker браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * CVE-2018-17462: Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.\n\n * CVE-2018-17463: Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.\n\n * CVE-2018-17464: Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2018-17465: Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.\n\n * CVE-2018-17466: Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.\n\n * CVE-2018-17467: Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2018-17468: Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page.\n\n * CVE-2018-17469: Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.\n\n * CVE-2018-17470: A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n\n * CVE-2018-17471: Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.\n\n * CVE-2018-17472: Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the \u003ciframe\u003e sandbox via a crafted HTML page.\n\n * CVE-2018-17473: Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.\n\n * CVE-2018-17474: Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2018-17475: Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n\n * CVE-2018-17476: Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.\n\n * CVE-2018-17477: Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page.\n\n * CVE-2018-20071: Insufficiently strict origin checks during JIT payment app installation in Payments in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to install a service worker for a domain that can host attacker controled files via a crafted HTML page.\n\n * CVE-2018-5179: A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2018-11-07"
},
"Updated": {
"Date": "2018-11-07"
},
"BDUs": [
{
"ID": "BDU:2018-01336",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-265",
"Href": "https://bdu.fstec.ru/vul/2018-01336",
"Impact": "High",
"Public": "20180925"
},
{
"ID": "BDU:2018-01337",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2018-01337",
"Impact": "High",
"Public": "20180925"
},
{
"ID": "BDU:2018-01338",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-451",
"Href": "https://bdu.fstec.ru/vul/2018-01338",
"Impact": "High",
"Public": "20180920"
},
{
"ID": "BDU:2018-01339",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2018-01339",
"Impact": "High",
"Public": "20180905"
},
{
"ID": "BDU:2018-01340",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-451",
"Href": "https://bdu.fstec.ru/vul/2018-01340",
"Impact": "High",
"Public": "20180519"
},
{
"ID": "BDU:2019-04356",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2019-04356",
"Impact": "High",
"Public": "20181016"
},
{
"ID": "BDU:2019-04357",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2019-04357",
"Impact": "Low",
"Public": "20181016"
},
{
"ID": "BDU:2019-04358",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2019-04358",
"Impact": "High",
"Public": "20181016"
},
{
"ID": "BDU:2019-04359",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-04359",
"Impact": "High",
"Public": "20181016"
},
{
"ID": "BDU:2019-04360",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2019-04360",
"Impact": "Low",
"Public": "20181016"
},
{
"ID": "BDU:2019-04361",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2019-04361",
"Impact": "Low",
"Public": "20181016"
},
{
"ID": "BDU:2019-04378",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2019-04378",
"Impact": "High",
"Public": "20181016"
},
{
"ID": "BDU:2019-04379",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2019-04379",
"Impact": "Low",
"Public": "20181016"
},
{
"ID": "BDU:2019-04380",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2019-04380",
"Impact": "Low",
"Public": "20181016"
},
{
"ID": "BDU:2019-04381",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2019-04381",
"Impact": "Low",
"Public": "20181016"
},
{
"ID": "BDU:2019-04383",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-20, CWE-772",
"Href": "https://bdu.fstec.ru/vul/2019-04383",
"Impact": "High",
"Public": "20180426"
}
],
"CVEs": [
{
"ID": "CVE-2018-17462",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17462",
"Impact": "Critical",
"Public": "20181114"
},
{
"ID": "CVE-2018-17463",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17463",
"Impact": "High",
"Public": "20181114"
},
{
"ID": "CVE-2018-17464",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17464",
"Impact": "Low",
"Public": "20181114"
},
{
"ID": "CVE-2018-17465",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17465",
"Impact": "High",
"Public": "20181114"
},
{
"ID": "CVE-2018-17466",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17466",
"Impact": "High",
"Public": "20181114"
},
{
"ID": "CVE-2018-17467",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-459",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17467",
"Impact": "Low",
"Public": "20181114"
},
{
"ID": "CVE-2018-17468",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17468",
"Impact": "Low",
"Public": "20181114"
},
{
"ID": "CVE-2018-17469",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17469",
"Impact": "High",
"Public": "20181114"
},
{
"ID": "CVE-2018-17470",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17470",
"Impact": "High",
"Public": "20190109"
},
{
"ID": "CVE-2018-17471",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17471",
"Impact": "Low",
"Public": "20181114"
},
{
"ID": "CVE-2018-17472",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17472",
"Impact": "Critical",
"Public": "20181114"
},
{
"ID": "CVE-2018-17473",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17473",
"Impact": "Low",
"Public": "20181114"
},
{
"ID": "CVE-2018-17474",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17474",
"Impact": "High",
"Public": "20181114"
},
{
"ID": "CVE-2018-17475",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17475",
"Impact": "Low",
"Public": "20181114"
},
{
"ID": "CVE-2018-17476",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17476",
"Impact": "Low",
"Public": "20181114"
},
{
"ID": "CVE-2018-17477",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-17477",
"Impact": "Low",
"Public": "20181114"
},
{
"ID": "CVE-2018-20071",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20071",
"Impact": "Low",
"Public": "20190109"
},
{
"ID": "CVE-2018-5179",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-772",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-5179",
"Impact": "High",
"Public": "20190426"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20182599001",
"Comment": "chromium is earlier than 0:70.0.3538.67-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182599002",
"Comment": "chromium-gnome is earlier than 0:70.0.3538.67-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182599003",
"Comment": "chromium-kde is earlier than 0:70.0.3538.67-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink