AVG-1794 log

Package opera
Status Fixed
Severity High
Type multiple issues
Affected 75.0.3969.149-1
Fixed 75.0.3969.171-1
Current Removed
Ticket None
Created Fri Apr 9 20:03:17 2021
Issue Severity Remote Type Description
CVE-2021-21199 High Yes Arbitrary code execution
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially...
CVE-2021-21198 High Yes Sandbox escape
An out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially...
CVE-2021-21197 High Yes Arbitrary code execution
A heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195 High Yes Arbitrary code execution
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21194 High Yes Arbitrary code execution
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
https://blogs.opera.com/desktop/changelog-for-75/
Notes
Opera version 75.0.3969.149 is based on Chromium version 89.0.4389.90, Opera version 75.0.3969.171 is based on Chromium version 89.0.4389.114 according to the reference.