AVG-2409 log

Package vivaldi
Status Fixed
Severity High
Type multiple issues
Affected 4.2.2406.54-1
Fixed 4.3.2439.39-1
Current 7.0.3495.15-1 [extra]
Ticket None
Created Tue Sep 21 20:11:28 2021
Issue Severity Remote Type Description
CVE-2021-37972 Low Yes Information disclosure 
An out of bounds read security issue has been found in the libjpeg- turbo component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37971 Low Yes Content spoofing 
An incorrect security UI security issue has been found in the Web Browser UI component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37970 Medium Yes Arbitrary code execution 
A use after free security issue has been found in the File System API component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37968 Medium Yes Arbitrary code execution 
An inappropriate implementation security issue has been found in the Background Fetch API component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37967 Medium Yes Arbitrary code execution 
An inappropriate implementation security issue has been found in the Background Fetch API component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37966 Medium Yes Arbitrary code execution 
An inappropriate implementation security issue has been found in the Compositing component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37965 Medium Yes Arbitrary code execution 
An inappropriate implementation security issue has been found in the Background Fetch API component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37963 Medium Yes Information disclosure 
A side-channel information leakage security issue has been found in the DevTools component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37962 Medium Yes Arbitrary code execution 
A use after free security issue has been found in the Performance Manager component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37961 Medium Yes Arbitrary code execution 
A use after free security issue has been found in the Tab Strip component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37960 High Yes Arbitrary code execution 
An inappropriate implementation security issue has been found in the Blink graphics component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37959 High Yes Arbitrary code execution 
A use after free security issue has been found in the Task Manager component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37958 High Yes Arbitrary code execution 
An inappropriate implementation security issue has been found in the Navigation component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37957 High Yes Arbitrary code execution 
A use after free security issue has been found in the WebGPU component of the Chromium browser engine before version 94.0.4606.54.
CVE-2021-37956 High Yes Arbitrary code execution 
A use after free security issue has been found in the Offline use component of the Chromium browser engine before version 94.0.4606.54.
References 
https://vivaldi.com/blog/desktop/update-two-4-2/
https://vivaldi.com/blog/vivaldi-gets-more-private-delivers-an-all-new-capture-pwa-support/
Notes 
Vivaldi version 4.2.2406.54 is based on Chromium version 93.0.4577.99, Vivaldi version 4.3.2439.39 is based on Chromium version 94.0.4606.72 according to the references.