AVG-2563 log

Package opera
Status Fixed
Severity High
Type multiple issues
Affected 81.0.4196.54-1
Fixed 82.0.4227.23-1
Current 82.0.4227.23-1 [community]
Ticket None
Created Wed Nov 17 14:36:09 2021
Advisory Pending
Issue Severity Remote Type Description
CVE-2021-38022 Low Yes Denial of service
An inappropriate implementation security issue has been found in the WebAuthentication component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38021 Medium Yes Information disclosure
An inappropriate implementation security issue has been found in the referrer component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38020 Medium Yes Information disclosure
An insufficient policy enforcement security issue has been found in the contacts picker component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38019 Medium Yes Same-origin policy bypass
An insufficient policy enforcement security issue has been found in the CORS component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38018 Medium Yes Content spoofing
An inappropriate implementation security issue has been found in the navigation component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38017 Medium Yes Sandbox escape
An insufficient policy enforcement security issue has been found in the iframe sandbox component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38016 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the background fetch component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38015 Medium Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the input component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38014 Medium Yes Arbitrary code execution
An out of bounds write security issue has been found in the Swiftshader component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38013 Medium Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the fingerprint recognition component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38012 Medium Yes Arbitrary code execution
A type confusion security issue has been found in the V8 component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38011 High Yes Arbitrary code execution
A use after free security issue has been found in the storage foundation component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38010 High Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the service workers component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38009 High Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the cache component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38008 High Yes Arbitrary code execution
A use after free security issue has been found in the media component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38007 High Yes Arbitrary code execution
A type confusion security issue has been found in the V8 component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38006 High Yes Arbitrary code execution
A use after free security issue has been found in the storage foundation component of the Chromium browser engine before version 96.0.4664.45.
CVE-2021-38005 High Yes Arbitrary code execution
A use after free security issue has been found in the loader component of the Chromium browser engine before version 96.0.4664.45.
References
https://blogs.opera.com/desktop/changelog-for-81/
https://blogs.opera.com/desktop/changelog-for-82/
Notes
Opera version 81.0.4196.54 is based on Chromium version 95.0.4638.69, Opera version 82.0.4227.23 is based on Chromium version 96.0.4664.45 according to the references.