AVG-1937 log

Package	vivaldi
Status	Fixed
Severity	High
Type	multiple issues
Affected	3.8.2259.40-1
Fixed	3.8.2259.42-1
Current	7.6.3797.63-1 [extra]
Ticket	None
Created	Mon May 10 20:00:24 2021

Issue	Severity	Remote	Type	Description
CVE-2021-30520	Medium	Yes	Arbitrary code execution	A use after free security issue has been found in the Tab Strip component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30519	Medium	Yes	Arbitrary code execution	A use after free security issue has been found in the Payments component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30518	High	Yes	Arbitrary code execution	A heap buffer overflow security issue has been found in the Reader Mode component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30517	High	Yes	Incorrect calculation	A type confusion security issue has been found in the V8 component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30516	High	Yes	Arbitrary code execution	A heap buffer overflow security issue has been found in the History component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30515	High	Yes	Arbitrary code execution	A use after free security issue has been found in the File API component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30514	High	Yes	Arbitrary code execution	A use after free security issue has been found in the Autofill component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30513	High	Yes	Incorrect calculation	A type confusion security issue has been found in the V8 component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30512	High	Yes	Arbitrary code execution	A use after free security issue has been found in the Notifications component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30511	High	Yes	Information disclosure	An out of bounds read security issue has been found in the Tab Groups component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30510	High	Yes	Arbitrary code execution	A race condition security issue has been found in the Aura component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30509	High	Yes	Arbitrary code execution	An out of bounds write security issue has been found in the Tab Strip component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30508	High	Yes	Arbitrary code execution	A heap buffer overflow security issue has been found in the Media Feeds component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30507	High	Yes	Incorrect calculation	An inappropriate implementation security issue has been found in the Offline component of the Chromium browser before version 90.0.4430.212.
CVE-2021-30506	High	Yes	Content spoofing	An incorrect security UI security issue has been found in the Web App Installs component of the Chromium browser before version 90.0.4430.212.

Date	Advisory	Package	Type
19 May 2021	ASA-202105-8	vivaldi	multiple issues

References
https://vivaldi.com/blog/new-vivaldi-on-android-language-switcher-blocks-cookies-dialogs/ https://vivaldi.com/blog/desktop/minor-update-for-vivaldi-desktop-browser-3-8/ https://vivaldi.com/blog/desktop/minor-update-2-for-vivaldi-desktop-browser-3-8/

References

https://vivaldi.com/blog/new-vivaldi-on-android-language-switcher-blocks-cookies-dialogs/
https://vivaldi.com/blog/desktop/minor-update-for-vivaldi-desktop-browser-3-8/
https://vivaldi.com/blog/desktop/minor-update-2-for-vivaldi-desktop-browser-3-8/

Notes
Vivaldi version 3.8.2259.40 is based on Chromium version 90.0.4430.95, Vivaldi version 3.8.2259.42 is based on Chromium version 90.0.4430.214 according to the references.