AVG-1634 log

Package opera
Status Fixed
Severity High
Type multiple issues
Affected 74.0.3911.218-1
Fixed 75.0.3969.149-1
Current 80.0.4170.63-1 [community]
Ticket None
Created Tue Mar 2 22:22:09 2021
Issue Severity Remote Type Description
CVE-2021-21193 High Yes Arbitrary code execution
A use after free security issue was found in the Blink component of the Chromium browser before version 89.0.4389.90. Google is aware of reports that an...
CVE-2021-21192 High Yes Arbitrary code execution
A heap buffer overflow security issue was found in the tab groups component of the Chromium browser before version 89.0.4389.90.
CVE-2021-21191 High Yes Arbitrary code execution
A use after free security issue was found in the WebRTC component of the Chromium browser before version 89.0.4389.90.
CVE-2021-21190 Low Yes Arbitrary code execution
An uninitialized use security issue was found in the PDFium component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21189 Low Yes Access restriction bypass
An insufficient policy enforcement security issue was found in the payments component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21188 Low Yes Arbitrary code execution
A use after free security issue was found in the Blink component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21187 Low Yes Insufficient validation
An insufficient data validation security issue was found in the URL formatting component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21186 Low Yes Access restriction bypass
An insufficient policy enforcement security issue was found in the QR scanning component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21185 Low Yes Access restriction bypass
An insufficient policy enforcement security issue was found in the extensions component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21184 Low Yes Incorrect calculation
An inappropriate implementation security issue was found in the performance APIs component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21183 Low Yes Incorrect calculation
An inappropriate implementation security issue was found in the performance APIs component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21182 Low Yes Access restriction bypass
An insufficient policy enforcement security issue was found in the navigations component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21181 Medium Yes Information disclosure
A side-channel information leakage security issue was found in the autofill component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21180 Medium Yes Arbitrary code execution
A use after free security issue was found in the tab search component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21179 Medium Yes Arbitrary code execution
A use after free security issue was found in the Network Internals component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21178 Medium Yes Incorrect calculation
An inappropriate implementation security issue was found in the Compositing component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21177 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue was found in the Autofill component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21176 Medium Yes Incorrect calculation
An inappropriate implementation security issue was found in the full screen mode component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21175 Medium Yes Incorrect calculation
An inappropriate implementation security issue was found in the Site isolation component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21174 Medium Yes Incorrect calculation
An inappropriate implementation security issue was found in the Referrer component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21173 Medium Yes Information disclosure
A side-channel information leakage security issue was found in the Network Internals component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21172 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue was found in the File System API component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21171 Medium Yes Content spoofing
An incorrect security UI security issue was found in the TabStrip and Navigation components of the Chromium browser before version 89.0.4389.72.
CVE-2021-21170 Medium Yes Content spoofing
An incorrect security UI security issue was found in the Loader component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21169 Medium Yes Information disclosure
An out of bounds memory access security issue was found in the V8 component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21168 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue was found in the appcache component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21167 Medium Yes Arbitrary code execution
A use after free security issue was found in the bookmarks component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21166 High Yes Arbitrary code execution
An object lifecycle security issue was found in the audio component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21165 High Yes Arbitrary code execution
An object lifecycle security issue was found in the audio component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21163 High Yes Insufficient validation
An insufficient data validation security issue was found in the Reader Mode component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21162 High Yes Arbitrary code execution
A use after free security issue was found in the WebRTC component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21161 High Yes Arbitrary code execution
A heap buffer overflow security issue was found in the TabStrip component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21160 High Yes Arbitrary code execution
A heap buffer overflow security issue was found in the WebAudio component of the Chromium browser before version 89.0.4389.72.
CVE-2021-21159 High Yes Arbitrary code execution
A heap buffer overflow security issue was found in the TabStrip component of the Chromium browser before version 89.0.4389.72.
CVE-2020-27844 Medium No Arbitrary code execution
A heap-based buffer overflow was discovered in lib/openjp2/t2.c:973 in the current master (commit 18b1138fbe3bb0ae4aa2bf1369f9430a8ec6fa00) of OpenJPEG.
References
https://blogs.opera.com/desktop/changelog-for-74/
https://blogs.opera.com/desktop/changelog-for-75/
Notes
Opera version 74.0.3911.218 is based on Chromium version 88.0.4324.192, Opera version 75.0.3969.149 is based on Chromium version 89.0.4389.90 according to the references.