Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2023-A5E10B188A.NASL
HistoryNov 07, 2023 - 12:00 a.m.

Fedora 38 : alsa-plugins / attract-mode / audacious-plugins / blender / etc (2023-a5e10b188a)

2023-11-0700:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
fedora 38
packages
vulnerabilities
fedora-2023-a5e10b188a
google chrome
android
swiftshader
vulkan
heap buffer overflow
cve-2023-0927
cve-2023-0928
cve-2023-0929
cve-2023-0930
cve-2023-0931
cve-2023-0932
cve-2023-0933
cve-2023-0941
cve-2023-1213
cve-2023-1214
cve-2023-1215
cve-2023-1216
cve-2023-1217
cve-2023-1218
cve-2023-1219

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

EPSS

0.015

Percentile

87.1%

JSON

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a5e10b188a advisory.

  • Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-0927)

  • Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-0928)

  • Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-0929)

  • Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-0930)

  • Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-0931)

  • Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-0932)

  • Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) (CVE-2023-0933)

  • Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) (CVE-2023-0941)

  • Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1213)

  • Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1214)

  • Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1215)

  • Use after free in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had convienced the user to engage in direct UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1216)

  • Stack buffer overflow in Crash reporting in Google Chrome on Windows prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1217)

  • Use after free in WebRTC in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1218)

  • Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1219)

  • Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1220)

  • Insufficient policy enforcement in Extensions API in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) (CVE-2023-1221)

  • Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2023-1222)

  • Insufficient policy enforcement in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) (CVE-2023-1223)

  • Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity:
    Medium) (CVE-2023-1224)

  • Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) (CVE-2023-1225)

  • Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity:
    Medium) (CVE-2023-1226)

  • Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) (CVE-2023-1227)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2023-a5e10b188a
#

include('compat.inc');

if (description)
{
  script_id(185338);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/07");

  script_cve_id(
    "CVE-2023-0927",
    "CVE-2023-0928",
    "CVE-2023-0929",
    "CVE-2023-0930",
    "CVE-2023-0931",
    "CVE-2023-0932",
    "CVE-2023-0933",
    "CVE-2023-0941",
    "CVE-2023-1213",
    "CVE-2023-1214",
    "CVE-2023-1215",
    "CVE-2023-1216",
    "CVE-2023-1217",
    "CVE-2023-1218",
    "CVE-2023-1219",
    "CVE-2023-1220",
    "CVE-2023-1221",
    "CVE-2023-1222",
    "CVE-2023-1223",
    "CVE-2023-1224",
    "CVE-2023-1225",
    "CVE-2023-1226",
    "CVE-2023-1227"
  );
  script_xref(name:"FEDORA", value:"2023-a5e10b188a");

  script_name(english:"Fedora 38 : alsa-plugins / attract-mode / audacious-plugins / blender / etc (2023-a5e10b188a)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the
FEDORA-2023-a5e10b188a advisory.

  - Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote
    attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted
    HTML page. (Chromium security severity: High) (CVE-2023-0927)

  - Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
    (CVE-2023-0928)

  - Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially
    exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-0929)

  - Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
    (CVE-2023-0930)

  - Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially
    exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-0931)

  - Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who
    convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a
    crafted HTML page. (Chromium security severity: High) (CVE-2023-0932)

  - Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially
    exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) (CVE-2023-0933)

  - Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
    (CVE-2023-0941)

  - Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
    (CVE-2023-1213)

  - Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially
    exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1214)

  - Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially
    exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1215)

  - Use after free in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had
    convienced the user to engage in direct UI interaction to potentially exploit heap corruption via a
    crafted HTML page. (Chromium security severity: High) (CVE-2023-1216)

  - Stack buffer overflow in Crash reporting in Google Chrome on Windows prior to 111.0.5563.64 allowed a
    remote attacker who had compromised the renderer process to obtain potentially sensitive information from
    process memory via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1217)

  - Use after free in WebRTC in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially
    exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-1218)

  - Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had
    compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium
    security severity: High) (CVE-2023-1219)

  - Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had
    compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium
    security severity: High) (CVE-2023-1220)

  - Insufficient policy enforcement in Extensions API in Google Chrome prior to 111.0.5563.64 allowed an
    attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a
    crafted Chrome Extension. (Chromium security severity: Medium) (CVE-2023-1221)

  - Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
    (CVE-2023-1222)

  - Insufficient policy enforcement in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a
    remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
    (CVE-2023-1223)

  - Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a
    remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity:
    Medium) (CVE-2023-1224)

  - Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a
    remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
    (CVE-2023-1225)

  - Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a
    remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity:
    Medium) (CVE-2023-1226)

  - Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who
    convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted
    UI interaction. (Chromium security severity: Medium) (CVE-2023-1227)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2023-a5e10b188a");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-1227");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/02/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/03/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/07");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:38");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:alsa-plugins");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:attract-mode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:audacious-plugins");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:blender");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:celestia");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chromaprint");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chromium");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ffmpeg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ffmpegthumbs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gstreamer1-plugin-libav");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:guacamole-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:haruna");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:indi-3rdparty-drivers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:indi-3rdparty-libraries");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:k3b");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kpipewire");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kstars");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libindi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:loudgain");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mlt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mpv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:neatvnc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:notcurses");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nv-codec-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:phd2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:qmmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:qmmp-plugin-pack");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:qt6-qtmultimedia");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:qt6-qtwebengine");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:retroarch");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:siril");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:stellarium");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:unpaper");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wf-recorder");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xine-lib");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Fedora Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');
var os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
os_ver = os_ver[1];
if (! preg(pattern:"^38([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 38', 'Fedora ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);

var pkgs = [
    {'reference':'alsa-plugins-1.2.7.1-5.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'attract-mode-2.6.2-6.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'audacious-plugins-4.3-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'blender-3.4.1-16.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'celestia-1.7.0~20230305ebfcdb1-4.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'chromaprint-1.5.1-8.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'chromium-111.0.5563.64-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
    {'reference':'ffmpeg-6.0-1.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ffmpegthumbs-22.12.3-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'gstreamer1-plugin-libav-1.22.0-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'guacamole-server-1.5.0-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'haruna-0.10.3-3.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'indi-3rdparty-drivers-2.0.0-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'indi-3rdparty-libraries-2.0.0-1.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'k3b-22.12.3-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'kpipewire-5.27.2-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'kstars-3.6.3-1.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'libindi-2.0.0-3.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'loudgain-0.6.8-13.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'mlt-7.14.0-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'mpv-0.35.1-3.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'neatvnc-0.6.0-2.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'notcurses-3.0.8-6.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'nv-codec-headers-12.0.16.0-1.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'phd2-2.6.11^dev4^20230212a205f63-1.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qmmp-2.1.2-4.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qmmp-plugin-pack-2.1.0-5.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt6-qtmultimedia-6.4.2-4.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'qt6-qtwebengine-6.4.2-4.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'retroarch-1.15.0-4.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'siril-1.0.6-6.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'stellarium-1.2-8.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'unpaper-7.0.0-7.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'wf-recorder-0.3.1-0.3.20221225gita9725f7.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'xine-lib-1.2.13-1.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (reference && _release) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'alsa-plugins / attract-mode / audacious-plugins / blender / etc');
}
VendorProductVersionCPE
fedoraprojectfedoraqt6-qtwebenginep-cpe:/a:fedoraproject:fedora:qt6-qtwebengine
fedoraprojectfedorablenderp-cpe:/a:fedoraproject:fedora:blender
fedoraprojectfedorakstarsp-cpe:/a:fedoraproject:fedora:kstars
fedoraprojectfedoraattract-modep-cpe:/a:fedoraproject:fedora:attract-mode
fedoraprojectfedoraunpaperp-cpe:/a:fedoraproject:fedora:unpaper
fedoraprojectfedorak3bp-cpe:/a:fedoraproject:fedora:k3b
fedoraprojectfedoraqmmpp-cpe:/a:fedoraproject:fedora:qmmp
fedoraprojectfedoraqmmp-plugin-packp-cpe:/a:fedoraproject:fedora:qmmp-plugin-pack
fedoraprojectfedoraaudacious-pluginsp-cpe:/a:fedoraproject:fedora:audacious-plugins
fedoraprojectfedoraffmpegthumbsp-cpe:/a:fedoraproject:fedora:ffmpegthumbs
Rows per page:
1-10 of 361

References

Related

openvas 54
fedora 38
nessus 14
osv 11
freebsd 2
kaspersky 4
chrome 2
mageia 2
ubuntu 1
debian 2
cvelist 9
cve 10
veracode 9
debiancve 8
mscve 7
ubuntucve 6
nvd 7
cnvd 5
prion 7
alpinelinux 1
openvas
openvas
Fedora: Security Advisory for qmmp-plugin-pack (FEDORA-2023-a5e10b188a)
2023-03-14 00:00:00
Fedora: Security Advisory for attract-mode (FEDORA-2023-a5e10b188a)
2023-03-14 00:00:00
Fedora: Security Advisory for indi-3rdparty-drivers (FEDORA-2023-a5e10b188a)
2023-03-14 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: qt6-qtmultimedia-6.4.2-4.fc38
2023-03-14 00:24:40
[SECURITY] Fedora 36 Update: chromium-111.0.5563.64-1.fc36
2023-03-18 05:05:40
[SECURITY] Fedora 38 Update: notcurses-3.0.8-6.fc38
2023-03-14 00:24:34
nessus
nessus
Fedora 37 : chromium (2023-1cf9c4477b)
2023-03-11 00:00:00
Fedora 36 : chromium (2023-015e4d696d)
2023-03-18 00:00:00
openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0061-1)
2023-02-27 00:00:00
osv
osv
chromium - security update
2023-02-23 00:00:00
chromium-browser vulnerabilities
2023-03-13 16:35:20
chromium - security update
2023-03-09 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2023-02-22 00:00:00
chromium -- multiple vulnerabilities
2023-03-08 00:00:00
kaspersky
kaspersky
KLA40224 Multiple vulnerabilities in Microsoft Browser
2023-02-25 00:00:00
KLA40223 Multiple vulnerabilities in Google Chrome
2023-02-22 00:00:00
KLA48512 Multiple vulnerabilities in Google Chrome
2023-03-07 00:00:00
chrome
chrome
Stable Channel Desktop Update
2023-02-22 00:00:00
Stable Channel Update for Desktop
2023-03-07 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2023-03-02 00:14:31
Updated chromium-browser-stable packages fix security vulnerability
2023-03-11 22:00:39
ubuntu
ubuntu
Chromium vulnerabilities
2023-03-13 00:00:00
debian
debian
[SECURITY] [DSA 5359-1] chromium security update
2023-02-23 22:02:55
[SECURITY] [DSA 5371-1] chromium security update
2023-03-09 19:25:21
cvelist
cvelist
CVE-2023-1225
2023-03-07 21:42:17
CVE-2023-1223
2023-03-07 21:42:17
CVE-2023-1224
2023-03-07 21:42:17
cve
cve
CVE-2023-1219
2023-03-07 22:15:09
CVE-2023-1221
2023-03-07 22:15:09
CVE-2023-1225
2023-03-07 22:15:09
veracode
veracode
Information Disclosure
2023-03-18 13:47:29
Authentication Bypass
2023-03-18 13:47:28
Authentication Bypass
2023-03-18 13:47:27
debiancve
debiancve
CVE-2023-1226
2023-03-07 22:15:10
CVE-2023-0929
2023-02-22 20:15:12
CVE-2023-1222
2023-03-07 22:15:09
mscve
mscve
Chromium: CVE-2023-1221 Insufficient policy enforcement in Extensions API
2023-03-13 07:00:00
Chromium: CVE-2023-1223 Insufficient policy enforcement in Autofill
2023-03-13 07:00:00
Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API
2023-03-13 07:00:00
ubuntucve
ubuntucve
CVE-2023-1221
2023-03-07 00:00:00
CVE-2023-1223
2023-03-07 00:00:00
CVE-2023-1226
2023-03-07 00:00:00
nvd
nvd
CVE-2023-1221
2023-03-07 22:15:09
CVE-2023-1225
2023-03-07 22:15:09
CVE-2023-1227
2023-03-07 22:15:10
cnvd
cnvd
Google Chrome Navigation component code issue vulnerability
2023-03-13 00:00:00
Google Chrome Web Audio API component buffer overflow vulnerability
2023-03-13 00:00:00
Google Chrome Core resource management error vulnerability
2023-03-13 00:00:00
prion
prion
Design/Logic Flaw
2023-03-07 22:15:00
Design/Logic Flaw
2023-03-07 22:15:00
Design/Logic Flaw
2023-02-22 20:15:00
alpinelinux
alpinelinux
CVE-2023-1222
2023-03-07 22:15:09

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

EPSS

0.015

Percentile

87.1%

JSON
Related for FEDORA_2023-A5E10B188A.NASL
openvas54fedora38nessus14osv11freebsd2kaspersky4chrome2mageia2ubuntu1debian2cvelist9cve10veracode9debiancve8mscve7ubuntucve6nvd7cnvd5prion7alpinelinux1