VulnerableCode Package Details - pkg:alpm/archlinux/opera@75.0.3969.218-1

Vulnerabilities affecting this package (19)

Vulnerability	Summary	Fixed by
VCID-45hr-84ah-aaaj Aliases: CVE-2021-21222	Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-9w41-uy17-aaaf Aliases: CVE-2021-21207	Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-aam1-pc5e-aaap Aliases: CVE-2021-21216	Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-bv8f-s5us-aaaj Aliases: CVE-2021-21219	Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ctdr-x4ht-aaaf Aliases: CVE-2021-21224	Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-e3xs-aaes-aaam Aliases: CVE-2021-21202	Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-f7wb-b11n-aaac Aliases: CVE-2021-21226	Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fbtc-dmfn-aaam Aliases: CVE-2021-21223	Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-g9n6-vuaf-aaac Aliases: CVE-2021-21221	Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-jesp-9r91-aaac Aliases: CVE-2021-21203	Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-k5xa-tb21-aaak Aliases: CVE-2021-21210	Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially access local UDP ports via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kxsy-6j2m-aaam Aliases: CVE-2021-21218	Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-mtb3-v6gc-aaam Aliases: CVE-2021-21225	Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-nkus-48cs-aaah Aliases: CVE-2021-21209	Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-p68a-y438-aaaa Aliases: CVE-2021-21217	Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pnad-9jx1-aaap Aliases: CVE-2021-21214	Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-r9eg-zqmu-aaas Aliases: CVE-2021-21215	Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-tcgr-zddp-aaad Aliases: CVE-2021-21201	Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-x2v5-bwzp-aaaj Aliases: CVE-2021-21213	Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	76.0.4017.94-1 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Next non-vulnerable version	76.0.4017.107-1
Latest non-vulnerable version	82.0.4227.43-1
Risk	10.0

Vulnerability	Summary	Aliases
VCID-3mws-4qb4-aaae	Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21206
VCID-9qbd-v9f9-aaac	Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21220

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-01-03T22:26:56.291676+00:00	Arch Linux Importer	Affected by	VCID-tcgr-zddp-aaad	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.270468+00:00	Arch Linux Importer	Affected by	VCID-e3xs-aaes-aaam	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.249300+00:00	Arch Linux Importer	Affected by	VCID-jesp-9r91-aaac	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.228163+00:00	Arch Linux Importer	Affected by	VCID-9w41-uy17-aaaf	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.206851+00:00	Arch Linux Importer	Affected by	VCID-nkus-48cs-aaah	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.185556+00:00	Arch Linux Importer	Affected by	VCID-k5xa-tb21-aaak	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.155665+00:00	Arch Linux Importer	Affected by	VCID-x2v5-bwzp-aaaj	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.125807+00:00	Arch Linux Importer	Affected by	VCID-pnad-9jx1-aaap	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.103453+00:00	Arch Linux Importer	Affected by	VCID-r9eg-zqmu-aaas	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.076450+00:00	Arch Linux Importer	Affected by	VCID-aam1-pc5e-aaap	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.050397+00:00	Arch Linux Importer	Affected by	VCID-p68a-y438-aaaa	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:56.024489+00:00	Arch Linux Importer	Affected by	VCID-kxsy-6j2m-aaam	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:55.998366+00:00	Arch Linux Importer	Affected by	VCID-bv8f-s5us-aaaj	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:55.972010+00:00	Arch Linux Importer	Affected by	VCID-g9n6-vuaf-aaac	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:55.947946+00:00	Arch Linux Importer	Affected by	VCID-45hr-84ah-aaaj	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:55.924101+00:00	Arch Linux Importer	Affected by	VCID-fbtc-dmfn-aaam	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:55.902868+00:00	Arch Linux Importer	Affected by	VCID-ctdr-x4ht-aaaf	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:55.881576+00:00	Arch Linux Importer	Affected by	VCID-mtb3-v6gc-aaam	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:55.860420+00:00	Arch Linux Importer	Affected by	VCID-f7wb-b11n-aaac	https://security.archlinux.org/AVG-1840	34.0.0rc1
2024-01-03T22:26:54.384077+00:00	Arch Linux Importer	Fixing	VCID-3mws-4qb4-aaae	https://security.archlinux.org/AVG-1818	34.0.0rc1
2024-01-03T22:26:54.364528+00:00	Arch Linux Importer	Fixing	VCID-9qbd-v9f9-aaac	https://security.archlinux.org/AVG-1818	34.0.0rc1