AVG-2468 log

Package opera
Status Fixed
Severity High
Type multiple issues
Affected 80.0.4170.72-1
Fixed 81.0.4196.31-1
Current Removed
Ticket None
Created Thu Oct 14 12:37:22 2021
Issue Severity Remote Type Description
CVE-2021-37996 Medium Yes Insufficient validation
An insufficient validation of untrusted input security issue has been found in the Downloads component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37995 Low Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the WebApp Installer component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37994 Low Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the iFrame Sandbox component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37993 Medium Yes Arbitrary code execution
A use after free security issue has been found in the PDF Accessibility component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37992 Medium Yes Information disclosure
An out of bounds read security issue has been found in the WebAudio component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37991 Medium Yes Arbitrary code execution
A race security issue has been found in the V8 component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37990 Medium Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the WebView component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37989 Medium Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the Blink component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37988 Medium Yes Arbitrary code execution
A use after free security issue has been found in the Profiles component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37987 Medium Yes Arbitrary code execution
A use after free security issue has been found in the Network APIs component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37986 Medium Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the Settings component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37985 High Yes Arbitrary code execution
A use after free security issue has been found in the V8 component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37984 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the PDFium component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37983 High Yes Arbitrary code execution
A use after free security issue has been found in the Dev Tools component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37982 High Yes Arbitrary code execution
A use after free security issue has been found in the Incognito component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37981 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the Skia component of the Chromium browser engine before version 95.0.4638.54.
Date Advisory Package Type
05 Nov 2021 ASA-202111-4 opera multiple issues
References
https://blogs.opera.com/desktop/changelog-for-80/
https://blogs.opera.com/desktop/changelog-for-81/
Notes
Opera version 80.0.4170.72 is based on Chromium version 94.0.4606.81, Opera version 81.0.4196.31 is based on Chromium version 95.0.4638.54 according to the references.