AVG-2337 log

Package vivaldi
Status Fixed
Severity High
Type multiple issues
Affected 4.1.2369.21-1
Fixed 4.2.2406.44-1
Current 5.0.2497.24-1 [community]
Ticket None
Created Tue Aug 31 19:57:00 2021
Issue Severity Remote Type Description
CVE-2021-30633 High Yes Arbitrary code execution
A use after free security issue has been found in the Indexed DB API component of the Chromium browser engine before version 93.0.4577.82. Google is aware...
CVE-2021-30632 High Yes Arbitrary code execution
An out of bounds write security issue has been found in the V8 component of the Chromium browser engine before version 93.0.4577.82. Google is aware that...
CVE-2021-30631 High Yes Arbitrary code execution
A type confusion security issue has been found in the Blink layout component of the Chromium browser engine before version 93.0.4577.82.
CVE-2021-30630 High Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the Blink component of the Chromium browser engine before version 93.0.4577.82.
CVE-2021-30629 High Yes Arbitrary code execution
A use after free security issue has been found in the Permissions component of the Chromium browser engine before version 93.0.4577.82.
CVE-2021-30628 High Yes Arbitrary code execution
A stack buffer overflow security issue has been found in the ANGLE component of the Chromium browser engine before version 93.0.4577.82.
CVE-2021-30627 High Yes Arbitrary code execution
A type confusion security issue has been found in the Blink layout component of the Chromium browser engine before version 93.0.4577.82.
CVE-2021-30626 High Yes Arbitrary code execution
An out of bounds memory access security issue has been found in the ANGLE component of the Chromium browser engine before version 93.0.4577.82.
CVE-2021-30625 High Yes Arbitrary code execution
A use after free security issue has been found in the Selection API component of the Chromium browser engine before version 93.0.4577.82.
CVE-2021-30624 Low Yes Arbitrary code execution
A use after free security issue has been found in the Autofill component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30623 Low Yes Arbitrary code execution
A use after free security issue has been found in the Bookmarks component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30622 Medium Yes Arbitrary code execution
A use after free security issue has been found in the WebApp Installs component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30621 Medium Yes Content spoofing
An UI spoofing security issue has been found in the Autofill component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30620 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the Blink component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30619 Medium Yes Content spoofing
An UI spoofing security issue has been found in the Autofill component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30618 Medium Yes Incorrect calculation
An inappropriate implementation security issue has been found in the DevTools component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30617 Medium Yes Access restriction bypass
A policy bypass security issue has been found in the Blink component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30616 Medium Yes Arbitrary code execution
A use after free security issue has been found in the Media component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30615 Medium Yes Information disclosure
A cross-origin data leak security issue has been found in the Navigation component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30614 Medium Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the TabStrip component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30613 Medium Yes Arbitrary code execution
A use after free security issue has been found in the Base internals component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30612 Medium Yes Arbitrary code execution
A use after free security issue has been found in the WebRTC component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30611 Medium Yes Arbitrary code execution
A use after free security issue has been found in the WebRTC component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30610 High Yes Arbitrary code execution
A use after free security issue has been found in the Extensions API component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30609 High Yes Arbitrary code execution
A use after free security issue has been found in the Sign-In component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30608 High Yes Arbitrary code execution
A use after free security issue has been found in the Web Share component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30607 High Yes Arbitrary code execution
A use after free security issue has been found in the Permissions component of the Chromium browser engine before version 93.0.4577.63.
CVE-2021-30606 High Yes Arbitrary code execution
A use after free security issue has been found in the Blink component of the Chromium browser engine before version 93.0.4577.63.
References
https://vivaldi.com/blog/desktop/minor-update-3-for-desktop-browser-4-1/
https://vivaldi.com/blog/news/vivaldi-translates-selected-text-into-a-selection-of-languages-more-privately/
Notes
Vivaldi version 4.1.2369.21 is based on Chromium version 92.0.4515.159, Vivaldi version 4.2.2406.44 is based on Chromium version 93.0.4577.83 according to the references.