VulnerableCode Package Details - pkg:alpm/archlinux/opera@74.0.3911.75-1

Search for packages

Package details: pkg:alpm/archlinux/opera@74.0.3911.75-1

Essentials
History (33)

purl	pkg:alpm/archlinux/opera@74.0.3911.75-1

Next non-vulnerable version	74.0.3911.107-1
Latest non-vulnerable version	82.0.4227.43-1
Risk	10.0

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-1cst-pd37-aaae Aliases: CVE-2021-21147	Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	74.0.3911.107-1 Affected by 0 other vulnerabilities.
VCID-851a-swft-aaaq Aliases: CVE-2021-21144	Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.	74.0.3911.107-1 Affected by 0 other vulnerabilities.
VCID-hp29-9334-aaan Aliases: CVE-2021-21142	Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.	74.0.3911.107-1 Affected by 0 other vulnerabilities.
VCID-kegd-rd79-aaac Aliases: CVE-2021-21148	Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	74.0.3911.107-1 Affected by 0 other vulnerabilities.
VCID-rjxb-ecnh-aaaf Aliases: CVE-2021-21145	Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	74.0.3911.107-1 Affected by 0 other vulnerabilities.
VCID-w426-pvdd-aaad Aliases: CVE-2021-21146	Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.	74.0.3911.107-1 Affected by 0 other vulnerabilities.
VCID-y383-pyzh-aaae Aliases: CVE-2021-21143	Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.	74.0.3911.107-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (26)

Vulnerability	Summary	Aliases
VCID-1r4y-tw69-aaae	Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21119
VCID-3q96-sh6f-aaaa	Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.	CVE-2021-21140
VCID-4b9s-u6nm-aaah	Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.	CVE-2021-21133
VCID-4cur-kwad-aaab	Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-21136
VCID-55kv-hkse-aaaq	Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.	CVE-2021-21124
VCID-5mab-vgkk-aaak	Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-21135
VCID-8622-h7qj-aaan	Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.	CVE-2021-21141
VCID-9bdr-h4pm-aaap	Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.	CVE-2021-21127
VCID-9j99-x3yf-aaae	Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21122
VCID-bn5p-hq72-aaaq	Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.	CVE-2021-21137
VCID-c2h2-s28q-aaam	Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.	CVE-2021-21139
VCID-cs1y-yf92-aaag	Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.	CVE-2021-21132
VCID-cub5-jqd4-aaaf	Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.	CVE-2021-21118
VCID-ezw7-3d39-aaah	Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21120
VCID-hmyw-2x88-aaaj	Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.	CVE-2020-16044
VCID-hp7b-mdur-aaak	Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.	CVE-2021-21121
VCID-jvc2-kr6v-aaag	Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.	CVE-2021-21123
VCID-kunw-vb8w-aaae	Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.	CVE-2021-21134
VCID-qcmc-tgv1-aaah	Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.	CVE-2021-21131
VCID-rxd7-5n9u-aaaa	Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.	CVE-2021-21125
VCID-s54n-a63k-aaae	Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file.	CVE-2021-21138
VCID-s6sg-4psr-aaah	Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.	CVE-2021-21126
VCID-ukvt-bkx6-aaas	Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.	CVE-2021-21130
VCID-xrx2-pzbu-aaaa	Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a local attacker to perform OS-level privilege escalation via a crafted file.	CVE-2021-21117
VCID-yf61-u86u-aaad	Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.	CVE-2021-21129
VCID-zwud-pxjz-aaae	Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21128

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-01-03T22:25:38.021942+00:00	Arch Linux Importer	Fixing	VCID-hmyw-2x88-aaaj	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.995554+00:00	Arch Linux Importer	Fixing	VCID-xrx2-pzbu-aaaa	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.974483+00:00	Arch Linux Importer	Fixing	VCID-cub5-jqd4-aaaf	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.953315+00:00	Arch Linux Importer	Fixing	VCID-1r4y-tw69-aaae	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.932091+00:00	Arch Linux Importer	Fixing	VCID-ezw7-3d39-aaah	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.910861+00:00	Arch Linux Importer	Fixing	VCID-hp7b-mdur-aaak	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.889666+00:00	Arch Linux Importer	Fixing	VCID-9j99-x3yf-aaae	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.868532+00:00	Arch Linux Importer	Fixing	VCID-jvc2-kr6v-aaag	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.847336+00:00	Arch Linux Importer	Fixing	VCID-55kv-hkse-aaaq	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.826190+00:00	Arch Linux Importer	Fixing	VCID-rxd7-5n9u-aaaa	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.805116+00:00	Arch Linux Importer	Fixing	VCID-s6sg-4psr-aaah	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.784039+00:00	Arch Linux Importer	Fixing	VCID-9bdr-h4pm-aaap	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.756830+00:00	Arch Linux Importer	Fixing	VCID-zwud-pxjz-aaae	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.729734+00:00	Arch Linux Importer	Fixing	VCID-yf61-u86u-aaad	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.703416+00:00	Arch Linux Importer	Fixing	VCID-ukvt-bkx6-aaas	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.679338+00:00	Arch Linux Importer	Fixing	VCID-qcmc-tgv1-aaah	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.650439+00:00	Arch Linux Importer	Fixing	VCID-cs1y-yf92-aaag	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.628581+00:00	Arch Linux Importer	Fixing	VCID-4b9s-u6nm-aaah	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.606966+00:00	Arch Linux Importer	Fixing	VCID-kunw-vb8w-aaae	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.585032+00:00	Arch Linux Importer	Fixing	VCID-5mab-vgkk-aaak	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.563366+00:00	Arch Linux Importer	Fixing	VCID-4cur-kwad-aaab	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.541563+00:00	Arch Linux Importer	Fixing	VCID-bn5p-hq72-aaaq	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.519364+00:00	Arch Linux Importer	Fixing	VCID-s54n-a63k-aaae	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.497616+00:00	Arch Linux Importer	Fixing	VCID-c2h2-s28q-aaam	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.476101+00:00	Arch Linux Importer	Fixing	VCID-3q96-sh6f-aaaa	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:37.448210+00:00	Arch Linux Importer	Fixing	VCID-8622-h7qj-aaan	https://security.archlinux.org/AVG-1479	34.0.0rc1
2024-01-03T22:25:35.811343+00:00	Arch Linux Importer	Affected by	VCID-hp29-9334-aaan	https://security.archlinux.org/AVG-1527	34.0.0rc1
2024-01-03T22:25:35.791947+00:00	Arch Linux Importer	Affected by	VCID-y383-pyzh-aaae	https://security.archlinux.org/AVG-1527	34.0.0rc1
2024-01-03T22:25:35.772571+00:00	Arch Linux Importer	Affected by	VCID-851a-swft-aaaq	https://security.archlinux.org/AVG-1527	34.0.0rc1
2024-01-03T22:25:35.748685+00:00	Arch Linux Importer	Affected by	VCID-rjxb-ecnh-aaaf	https://security.archlinux.org/AVG-1527	34.0.0rc1
2024-01-03T22:25:35.726404+00:00	Arch Linux Importer	Affected by	VCID-w426-pvdd-aaad	https://security.archlinux.org/AVG-1527	34.0.0rc1
2024-01-03T22:25:35.704779+00:00	Arch Linux Importer	Affected by	VCID-1cst-pd37-aaae	https://security.archlinux.org/AVG-1527	34.0.0rc1
2024-01-03T22:25:35.683123+00:00	Arch Linux Importer	Affected by	VCID-kegd-rd79-aaac	https://security.archlinux.org/AVG-1527	34.0.0rc1