VulnerableCode Package Details - pkg:alpm/archlinux/opera@80.0.4170.16-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-8uf6-f663-aaap Aliases: CVE-2021-37980	Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.	80.0.4170.63-1 Affected by 0 other vulnerabilities.
VCID-a4nb-bhjm-aaas Aliases: CVE-2021-37979	heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page.	80.0.4170.63-1 Affected by 0 other vulnerabilities.
VCID-ceq6-c16t-aaaf Aliases: CVE-2021-37977	Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	80.0.4170.63-1 Affected by 0 other vulnerabilities.
VCID-fmwh-wvvj-aaah Aliases: CVE-2021-37978	Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	80.0.4170.63-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-8uf6-f663-aaap
Aliases:
CVE-2021-37980

Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.

80.0.4170.63-1
Affected by 0 other vulnerabilities.

VCID-a4nb-bhjm-aaas
Aliases:
CVE-2021-37979

heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page.

80.0.4170.63-1
Affected by 0 other vulnerabilities.

VCID-ceq6-c16t-aaaf
Aliases:
CVE-2021-37977

Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

80.0.4170.63-1
Affected by 0 other vulnerabilities.

VCID-fmwh-wvvj-aaah
Aliases:
CVE-2021-37978

Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

80.0.4170.63-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6ebd-gq34-aaaa	Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.	CVE-2021-37973
VCID-7hyr-h3qc-aaas	Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-37965
VCID-7ycf-uwjr-aaam	Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37956
VCID-ace4-ucva-aaae	Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	CVE-2021-37971
VCID-aun7-7bwu-aaap	Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37975
VCID-cdqe-bdmh-aaaf	Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37974
VCID-dds6-5trg-aaak	Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-37968
VCID-fpbn-bx9f-aaae	Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page.	CVE-2021-37963
VCID-fuj5-819c-aaaf	Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37959
VCID-kcch-twsy-aaac	REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.	CVE-2021-37960
VCID-me3s-wvb2-aaab	Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.	CVE-2021-37976
VCID-npj4-y24t-aaab	Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37962
VCID-qqhg-mrsm-aaap	Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	CVE-2021-37966
VCID-r23w-7qrs-aaaj	Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.	CVE-2021-37967
VCID-u2yn-r3ag-aaab	Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37972
VCID-u76k-zezw-aaah	Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.	CVE-2021-37958
VCID-uudx-2g3h-aaar	Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37961
VCID-vmyf-7ff4-aaah	Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37957
VCID-vu62-4168-aaag	Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-37970

Vulnerability

Summary

Aliases

VCID-6ebd-gq34-aaaa

Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2021-37973

VCID-7hyr-h3qc-aaas

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CVE-2021-37965

VCID-7ycf-uwjr-aaam

Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37956

VCID-ace4-ucva-aaae

Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2021-37971

VCID-aun7-7bwu-aaap

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37975

VCID-cdqe-bdmh-aaaf

Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37974

VCID-dds6-5trg-aaak

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CVE-2021-37968

VCID-fpbn-bx9f-aaae

Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page.

CVE-2021-37963

VCID-fuj5-819c-aaaf

Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37959

VCID-kcch-twsy-aaac

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2021-37960

VCID-me3s-wvb2-aaab

Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

CVE-2021-37976

VCID-npj4-y24t-aaab

Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37962

VCID-qqhg-mrsm-aaap

Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2021-37966

VCID-r23w-7qrs-aaaj

Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.

CVE-2021-37967

VCID-u2yn-r3ag-aaab

Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37972

VCID-u76k-zezw-aaah

Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

CVE-2021-37958

VCID-uudx-2g3h-aaar

Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37961

VCID-vmyf-7ff4-aaah

Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37957

VCID-vu62-4168-aaag

Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37970

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-01-03T22:26:36.094028+00:00	Arch Linux Importer	Affected by	VCID-ceq6-c16t-aaaf	https://security.archlinux.org/AVG-2444	34.0.0rc1
2024-01-03T22:26:36.067361+00:00	Arch Linux Importer	Affected by	VCID-fmwh-wvvj-aaah	https://security.archlinux.org/AVG-2444	34.0.0rc1
2024-01-03T22:26:36.040956+00:00	Arch Linux Importer	Affected by	VCID-a4nb-bhjm-aaas	https://security.archlinux.org/AVG-2444	34.0.0rc1
2024-01-03T22:26:36.014491+00:00	Arch Linux Importer	Affected by	VCID-8uf6-f663-aaap	https://security.archlinux.org/AVG-2444	34.0.0rc1
2024-01-03T22:26:35.992795+00:00	Arch Linux Importer	Fixing	VCID-7ycf-uwjr-aaam	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.970681+00:00	Arch Linux Importer	Fixing	VCID-vmyf-7ff4-aaah	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.951514+00:00	Arch Linux Importer	Fixing	VCID-u76k-zezw-aaah	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.932758+00:00	Arch Linux Importer	Fixing	VCID-fuj5-819c-aaaf	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.913778+00:00	Arch Linux Importer	Fixing	VCID-kcch-twsy-aaac	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.894914+00:00	Arch Linux Importer	Fixing	VCID-uudx-2g3h-aaar	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.875829+00:00	Arch Linux Importer	Fixing	VCID-npj4-y24t-aaab	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.856916+00:00	Arch Linux Importer	Fixing	VCID-fpbn-bx9f-aaae	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.837676+00:00	Arch Linux Importer	Fixing	VCID-7hyr-h3qc-aaas	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.818844+00:00	Arch Linux Importer	Fixing	VCID-qqhg-mrsm-aaap	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.799613+00:00	Arch Linux Importer	Fixing	VCID-r23w-7qrs-aaaj	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.778083+00:00	Arch Linux Importer	Fixing	VCID-dds6-5trg-aaak	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.753947+00:00	Arch Linux Importer	Fixing	VCID-vu62-4168-aaag	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.732129+00:00	Arch Linux Importer	Fixing	VCID-ace4-ucva-aaae	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.710488+00:00	Arch Linux Importer	Fixing	VCID-u2yn-r3ag-aaab	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.688919+00:00	Arch Linux Importer	Fixing	VCID-6ebd-gq34-aaaa	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.665081+00:00	Arch Linux Importer	Fixing	VCID-cdqe-bdmh-aaaf	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.643137+00:00	Arch Linux Importer	Fixing	VCID-aun7-7bwu-aaap	https://security.archlinux.org/AVG-2410	34.0.0rc1
2024-01-03T22:26:35.618689+00:00	Arch Linux Importer	Fixing	VCID-me3s-wvb2-aaab	https://security.archlinux.org/AVG-2410	34.0.0rc1