AVG-1937 log

Package vivaldi
Status Fixed
Severity High
Type multiple issues
Affected 3.8.2259.40-1
Fixed 3.8.2259.42-1
Current 4.1.2369.11-1 [community]
Ticket None
Created Mon May 10 20:00:24 2021
Issue Severity Remote Type Description
CVE-2021-30520 Medium Yes Arbitrary code execution
A use after free security issue has been found in the Tab Strip component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30519 Medium Yes Arbitrary code execution
A use after free security issue has been found in the Payments component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30518 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the Reader Mode component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30517 High Yes Incorrect calculation
A type confusion security issue has been found in the V8 component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30516 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the History component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30515 High Yes Arbitrary code execution
A use after free security issue has been found in the File API component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30514 High Yes Arbitrary code execution
A use after free security issue has been found in the Autofill component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30513 High Yes Incorrect calculation
A type confusion security issue has been found in the V8 component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30512 High Yes Arbitrary code execution
A use after free security issue has been found in the Notifications component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30511 High Yes Information disclosure
An out of bounds read security issue has been found in the Tab Groups component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30510 High Yes Arbitrary code execution
A race condition security issue has been found in the Aura component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30509 High Yes Arbitrary code execution
An out of bounds write security issue has been found in the Tab Strip component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30508 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the Media Feeds component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30507 High Yes Incorrect calculation
An inappropriate implementation security issue has been found in the Offline component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30506 High Yes Content spoofing
An incorrect security UI security issue has been found in the Web App Installs component of the Chromium browser before version 90.0.4430.212.
Date Advisory Package Type
19 May 2021 ASA-202105-8 vivaldi multiple issues
References
https://vivaldi.com/blog/new-vivaldi-on-android-language-switcher-blocks-cookies-dialogs/
https://vivaldi.com/blog/desktop/minor-update-for-vivaldi-desktop-browser-3-8/
https://vivaldi.com/blog/desktop/minor-update-2-for-vivaldi-desktop-browser-3-8/
Notes
Vivaldi version 3.8.2259.40 is based on Chromium version 90.0.4430.95, Vivaldi version 3.8.2259.42 is based on Chromium version 90.0.4430.214 according to the references.