AVG-1425 log

Package opera
Status Fixed
Severity High
Type multiple issues
Affected 73.0.3856.329-1
Fixed 73.0.3856.344-1
Current Removed
Ticket None
Created Fri Jan 8 23:25:48 2021
Issue Severity Remote Type Description
CVE-2021-21116 Medium Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the audio component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21115 High Yes Arbitrary code execution
A use after free security issue has been found in the safe browsing component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21114 High Yes Arbitrary code execution
A use after free security issue has been found in the audio component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21113 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the Skia component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21112 High Yes Arbitrary code execution
A use after free security issue has been found in the Blink component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21111 High Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the WebUI component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21110 High Yes Arbitrary code execution
A use after free security issue has been found in the safe browsing component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21109 High Yes Arbitrary code execution
A use after free security issue has been found in the payments component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21108 High Yes Arbitrary code execution
A use after free security issue has been found in the media component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21107 High Yes Arbitrary code execution
A use after free security issue has been found in the drag and drop component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21106 High Yes Arbitrary code execution
A use after free security issue has been found in the autofill component of the Chromium browser before version 87.0.4280.141.
CVE-2020-16043 High Yes Insufficient validation
An insufficient data validation security issue has been found in the networking component of the Chromium browser before version 87.0.4280.141.
CVE-2020-15995 High Yes Arbitrary code execution
An out of bounds write security issue has been found in the V8 component of the Chromium browser before version 87.0.4280.141.
Notes
Opera version 73.0.3856.329 is based on Chromium version 87.0.4280.88 according to https://blogs.opera.com/desktop/2021/01/opera-73-0-3856-329-stable-update/, thus sharing the recently disclosed security issues found in that version of Chromium. Opera version 73.0.3856.344 is based on the fixed Chromium version 87.0.4280.141 according to https://blogs.opera.com/desktop/2021/01/opera-73-0-3856-344-stable-update/.