Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2021-38004
Vulnerability from cvelistv5
Published
2021-11-23 21:30
Modified
2024-08-04 01:30
Severity ?
EPSS score ?
Summary
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| chrome-cve-admin@google.com | https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html | Release Notes, Vendor Advisory | |
| chrome-cve-admin@google.com | https://crbug.com/1227170 | Permissions Required, Vendor Advisory | |
| chrome-cve-admin@google.com | https://www.debian.org/security/2022/dsa-5046 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://crbug.com/1227170 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5046 | Third Party Advisory |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:30:09.209Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1227170", }, { name: "DSA-5046", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5046", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "95.0.4638.69", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-15T14:08:14", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1227170", }, { name: "DSA-5046", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5046", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2021-38004", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "95.0.4638.69", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", }, { name: "https://crbug.com/1227170", refsource: "MISC", url: "https://crbug.com/1227170", }, { name: "DSA-5046", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5046", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2021-38004", datePublished: "2021-11-23T21:30:32", dateReserved: "2021-08-03T00:00:00", dateUpdated: "2024-08-04T01:30:09.209Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2021-38004\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2021-11-23T22:15:07.980\",\"lastModified\":\"2024-11-21T06:16:14.923\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\"},{\"lang\":\"es\",\"value\":\"Una aplicación insuficiente de políticas en Autofill en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-668\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"95.0.4638.69\",\"matchCriteriaId\":\"B625BE9F-2418-44C9-8974-DFD6430CBD46\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}],\"references\":[{\"url\":\"https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1227170\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5046\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1227170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5046\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", }, }
opensuse-su-2022:0047-1
Vulnerability from csaf_opensuse
Published
2022-02-20 17:01
Modified
2022-02-20 17:01
Summary
Security update for opera
Notes
Title of the patch
Security update for opera
Description of the patch
This update for opera fixes the following issues:
Update to 83.0.4254.27
- CHR-8737 Update chromium on desktop-stable-97-4254 to
97.0.4692.99
- DNA-96336 [Mac] Translate new network installer slogan
- DNA-96678 Add battery level monitoring capability to
powerSavePrivate
- DNA-96939 Crash at
opera::ExternalVideoService::MarkAsManuallyClosed()
- DNA-97276 Enable #static-tab-audio-indicator on all streams
- The update to chromium 97.0.4692.99 fixes following issues:
CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292,
CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296,
CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301,
CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306,
CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310,
CVE-2022-0311
Update to 83.0.4254.19
- DNA-96079 Turn on #automatic-video-popout on developer
- DNA-97070 Opera 83 translations
- DNA-97119 [LastCard] Stop showing used burner cards
- DNA-97131 Enable automatic-video-popout on all streams from
O84 on
- DNA-97257 Crash at
views::ImageButton::SetMinimumImageSize(gfx::Size const&)
- DNA-97259 Promote O83 to stable
- Complete Opera 83.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-83/
- Update to 83.0.4254.16
- DNA-96968 Fix alignment of the 'Advanced' button in Settings
- Update to 83.0.4254.14
- CHR-8701 Update chromium on desktop-stable-97-4254 to
97.0.4692.45
- CHR-8713 Update chromium on desktop-stable-97-4254 to
97.0.4692.56
- CHR-8723 Update chromium on desktop-stable-97-4254 to
97.0.4692.71
- DNA-96780 Crash at
ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)
- DNA-96822 Tab close resize behavior change
- DNA-96861 Create Loomi Options menu
- DNA-96904 Support Win11 snap layout popup
- DNA-96951 Tab close animation broken
- DNA-96991 Tab X button doesn’t work correctly
- DNA-97027 Incorrect tab size after tab close
- The update to chromium 97.0.4692.71 fixes following issues:
CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099,
CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103,
CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106,
CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110,
CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113,
CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117,
CVE-2022-0118, CVE-2022-0120
- Update to version 82.0.4227.58
- DNA-96780 Crash at
ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)
- DNA-96890 Settings default browser not working for current
user on Windows 7
- Update to version 82.0.4227.43
- CHR-8705 Update chromium on desktop-stable-96-4227 to
96.0.4664.110
- DNA-93284 Unstable
obj/opera/desktop/common/installer_rc_generated/installer.res
- DNA-95908 Interstitial/internal pages shown as NOT SECURE
after visiting http site
- DNA-96404 Opera doesn’t show on main screen when second screen
is abruptly disconnected
- The update to chromium 96.0.4664.110 fixes following issues:
CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101,
CVE-2021-4102
- Update to version 82.0.4227.33
- CHR-8689 Update chromium on desktop-stable-96-4227 to
96.0.4664.93
- DNA-96559 Tooltip popup looks bad in dark theme
- DNA-96570 [Player] Tidal logging in via PLAY doesn’t work
- DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks
- DNA-96649 Update Meme button
- DNA-96676 Add Icon in the Sidebar Setup
- DNA-96677 Add default URL
- The update to chromium 96.0.4664.93 fixes following issues:
CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054,
CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057,
CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062,
CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066,
CVE-2021-4067, CVE-2021-4068
- Update to version 82.0.4227.23
- DNA-95632 With new au-logic UUID is set with delay and may be
not set for pb-builds (when closing fast)
- DNA-96349 Laggy tooltip animation
- DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap
version for Opera 82
- DNA-96493 Create 'small' enticement in credit card autofill
- DNA-96533 Opera 82 translations
- DNA-96535 Make the URL configurable
- DNA-96553 Add switch to whitelist test pages
- DNA-96557 Links not opened from panel
- DNA-96558 AdBlock bloks some trackers inside the panel
- DNA-96568 [Player] Tidal in sidebar Player opens wrong site
when logging in
- DNA-96659 Siteprefs not applied after network service crash
- DNA-96593 Promote O82 to stable
- Complete Opera 82.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-82/
- Update to version 82.0.4227.13
- CHR-8668 Update chromium on desktop-stable-96-4227 to
96.0.4664.45
- DNA-76987 [Mac] Update desktop EULA with geolocation split
- DNA-93388 Problem with symlinks on windows when creating
file list
- DNA-95734 Discarded Recently Closed items get revived
after restart
- DNA-96134 'Your profile has been updated' does not disappear
- DNA-96190 Opera freezes when trying to drag expanded
bookmark folder with nested subfolders
- DNA-96223 Easy Files not working in Full Screen
- DNA-96274 Checkout autofill shouldn't show used burner card
- DNA-96275 Change the notification message for pausing
multi-use cards
- DNA-96295 'Video pop out' setting doesn't sync
- DNA-96316 Highlight text wrong colour on dark mode
- DNA-96326 Wrong translation Private Mode > Turkish
- DNA-96351 macOS window controls are missing in full screen
- DNA-96440 Update video URL
- DNA-96448 add option to pin extension via rich hints
- DNA-96453 Register user-chosen option on client-side, read on
hint side
- DNA-96454 Choosing an option from the settings menu should
close the popup
- DNA-96484 Enable AB test for a new autoupdater logic (for 50%)
- DNA-96500 Add 'don't show me again' prefs to allowed whitelist
- DNA-96538 Inline audiocomplete for www.mediaexpert.pl
incorrectly suggested
- The update to chromium 96.0.4664.45 fixes following issues:
CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008,
CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012,
CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016,
CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021,
CVE-2021-38022
- Update to version 81.0.4196.54
- CHR-8644 Update chromium on desktop-stable-95-4196 to
95.0.4638.69
- DNA-95773 ExtensionWebRequestApiTest crashes on mac
- DNA-96062 Opera 81 translations
- DNA-96134 “Your profile has been updated’ does not disappear
- DNA-96274 Checkout autofill shouldn’t show used burner card
- DNA-96275 Change the notification message for pausing
multi-use cards
- DNA-96440 Update video URL
- The update to chromium 95.0.4638.69 fixes following issues:
CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980,
CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004
- Update to version 81.0.4196.37
- DNA-96008 Crash at
content::WebContentsImpl::OpenURL(content::OpenURLParams const&)
- DNA-96032 Closing the videoconference pop-up force leaving
the meeting
- DNA-96092 Crash at void
opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result)
- DNA-96142 [Yat] Emoji icon cut off in URL for Yat
Patchnames
openSUSE-2022-47
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for opera", title: "Title of the patch", }, { category: "description", text: "This update for opera fixes the following issues:\n\nUpdate to 83.0.4254.27\n\n - CHR-8737 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.99\n - DNA-96336 [Mac] Translate new network installer slogan\n - DNA-96678 Add battery level monitoring capability to\n powerSavePrivate\n - DNA-96939 Crash at \n opera::ExternalVideoService::MarkAsManuallyClosed()\n - DNA-97276 Enable #static-tab-audio-indicator on all streams\n\n- The update to chromium 97.0.4692.99 fixes following issues:\n CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292,\n CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296,\n CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301,\n CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306,\n CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310,\n CVE-2022-0311\n\nUpdate to 83.0.4254.19\n\n - DNA-96079 Turn on #automatic-video-popout on developer\n - DNA-97070 Opera 83 translations\n - DNA-97119 [LastCard] Stop showing used burner cards\n - DNA-97131 Enable automatic-video-popout on all streams from\n O84 on\n - DNA-97257 Crash at \n views::ImageButton::SetMinimumImageSize(gfx::Size const&)\n - DNA-97259 Promote O83 to stable\n\n- Complete Opera 83.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-83/\n\n- Update to 83.0.4254.16\n\n - DNA-96968 Fix alignment of the 'Advanced' button in Settings\n\n- Update to 83.0.4254.14\n\n - CHR-8701 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.45\n - CHR-8713 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.56\n - CHR-8723 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.71\n - DNA-96780 Crash at\n ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)\n - DNA-96822 Tab close resize behavior change\n - DNA-96861 Create Loomi Options menu\n - DNA-96904 Support Win11 snap layout popup\n - DNA-96951 Tab close animation broken\n - DNA-96991 Tab X button doesn’t work correctly\n - DNA-97027 Incorrect tab size after tab close\n- The update to chromium 97.0.4692.71 fixes following issues:\n CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099,\n CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103,\n CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106,\n CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110,\n CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113,\n CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117,\n CVE-2022-0118, CVE-2022-0120\n\n- Update to version 82.0.4227.58\n\n - DNA-96780 Crash at\n ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)\n - DNA-96890 Settings default browser not working for current\n user on Windows 7\n\n- Update to version 82.0.4227.43\n\n - CHR-8705 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.110\n - DNA-93284 Unstable\n obj/opera/desktop/common/installer_rc_generated/installer.res\n - DNA-95908 Interstitial/internal pages shown as NOT SECURE\n after visiting http site\n - DNA-96404 Opera doesn’t show on main screen when second screen\n is abruptly disconnected\n\n- The update to chromium 96.0.4664.110 fixes following issues:\n CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101,\n CVE-2021-4102\n\n- Update to version 82.0.4227.33\n\n - CHR-8689 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.93\n - DNA-96559 Tooltip popup looks bad in dark theme\n - DNA-96570 [Player] Tidal logging in via PLAY doesn’t work\n - DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks\n - DNA-96649 Update Meme button\n - DNA-96676 Add Icon in the Sidebar Setup\n - DNA-96677 Add default URL\n- The update to chromium 96.0.4664.93 fixes following issues:\n CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054,\n CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057,\n CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062,\n CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066,\n CVE-2021-4067, CVE-2021-4068\n\n- Update to version 82.0.4227.23\n\n - DNA-95632 With new au-logic UUID is set with delay and may be\n not set for pb-builds (when closing fast)\n - DNA-96349 Laggy tooltip animation\n - DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap\n version for Opera 82\n - DNA-96493 Create 'small' enticement in credit card autofill\n - DNA-96533 Opera 82 translations\n - DNA-96535 Make the URL configurable\n - DNA-96553 Add switch to whitelist test pages\n - DNA-96557 Links not opened from panel\n - DNA-96558 AdBlock bloks some trackers inside the panel\n - DNA-96568 [Player] Tidal in sidebar Player opens wrong site\n when logging in\n - DNA-96659 Siteprefs not applied after network service crash\n - DNA-96593 Promote O82 to stable\n\n- Complete Opera 82.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-82/\n\n- Update to version 82.0.4227.13\n\n - CHR-8668 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.45\n - DNA-76987 [Mac] Update desktop EULA with geolocation split\n - DNA-93388 Problem with symlinks on windows when creating\n file list\n - DNA-95734 Discarded Recently Closed items get revived\n after restart\n - DNA-96134 'Your profile has been updated' does not disappear\n - DNA-96190 Opera freezes when trying to drag expanded\n bookmark folder with nested subfolders\n - DNA-96223 Easy Files not working in Full Screen\n - DNA-96274 Checkout autofill shouldn't show used burner card\n - DNA-96275 Change the notification message for pausing\n multi-use cards\n - DNA-96295 'Video pop out' setting doesn't sync\n - DNA-96316 Highlight text wrong colour on dark mode\n - DNA-96326 Wrong translation Private Mode > Turkish\n - DNA-96351 macOS window controls are missing in full screen\n - DNA-96440 Update video URL\n - DNA-96448 add option to pin extension via rich hints\n - DNA-96453 Register user-chosen option on client-side, read on\n hint side\n - DNA-96454 Choosing an option from the settings menu should\n close the popup\n - DNA-96484 Enable AB test for a new autoupdater logic (for 50%)\n - DNA-96500 Add 'don't show me again' prefs to allowed whitelist\n - DNA-96538 Inline audiocomplete for www.mediaexpert.pl\n incorrectly suggested\n- The update to chromium 96.0.4664.45 fixes following issues:\n CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008,\n CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012,\n CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016,\n CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021,\n CVE-2021-38022\n \n\n- Update to version 81.0.4196.54\n\n - CHR-8644 Update chromium on desktop-stable-95-4196 to\n 95.0.4638.69\n - DNA-95773 ExtensionWebRequestApiTest crashes on mac\n - DNA-96062 Opera 81 translations\n - DNA-96134 “Your profile has been updated’ does not disappear\n - DNA-96274 Checkout autofill shouldn’t show used burner card\n - DNA-96275 Change the notification message for pausing\n multi-use cards\n - DNA-96440 Update video URL\n\n- The update to chromium 95.0.4638.69 fixes following issues:\n CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980,\n CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004 \n\n- Update to version 81.0.4196.37\n\n - DNA-96008 Crash at\n content::WebContentsImpl::OpenURL(content::OpenURLParams const&)\n - DNA-96032 Closing the videoconference pop-up force leaving\n the meeting\n - DNA-96092 Crash at void\n opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result)\n - DNA-96142 [Yat] Emoji icon cut off in URL for Yat\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2022-47", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0047-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2022:0047-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JVEGWNKSSGZPVVLVJKNT5ZEY54Z5RLV4/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2022:0047-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JVEGWNKSSGZPVVLVJKNT5ZEY54Z5RLV4/", }, { category: "self", summary: "SUSE CVE CVE-2021-37980 page", url: "https://www.suse.com/security/cve/CVE-2021-37980/", }, { category: "self", summary: "SUSE CVE CVE-2021-37997 page", url: "https://www.suse.com/security/cve/CVE-2021-37997/", }, { category: "self", summary: "SUSE CVE CVE-2021-37998 page", url: "https://www.suse.com/security/cve/CVE-2021-37998/", }, { category: "self", summary: "SUSE CVE CVE-2021-37999 page", url: "https://www.suse.com/security/cve/CVE-2021-37999/", }, { category: "self", summary: "SUSE CVE CVE-2021-38001 page", url: "https://www.suse.com/security/cve/CVE-2021-38001/", }, { category: "self", summary: "SUSE CVE CVE-2021-38002 page", url: "https://www.suse.com/security/cve/CVE-2021-38002/", }, { category: "self", summary: "SUSE CVE CVE-2021-38003 page", url: "https://www.suse.com/security/cve/CVE-2021-38003/", }, { category: "self", summary: "SUSE CVE CVE-2021-38004 page", url: "https://www.suse.com/security/cve/CVE-2021-38004/", }, { category: "self", summary: "SUSE CVE CVE-2021-38005 page", url: "https://www.suse.com/security/cve/CVE-2021-38005/", }, { category: "self", summary: "SUSE CVE CVE-2021-38006 page", url: "https://www.suse.com/security/cve/CVE-2021-38006/", }, { category: "self", summary: "SUSE CVE CVE-2021-38007 page", url: "https://www.suse.com/security/cve/CVE-2021-38007/", }, { category: "self", summary: "SUSE CVE CVE-2021-38008 page", url: "https://www.suse.com/security/cve/CVE-2021-38008/", }, { category: "self", summary: "SUSE CVE CVE-2021-38009 page", url: "https://www.suse.com/security/cve/CVE-2021-38009/", }, { category: "self", summary: "SUSE CVE CVE-2021-38010 page", url: "https://www.suse.com/security/cve/CVE-2021-38010/", }, { category: "self", summary: "SUSE CVE CVE-2021-38011 page", url: "https://www.suse.com/security/cve/CVE-2021-38011/", }, { category: "self", summary: "SUSE CVE CVE-2021-38012 page", url: "https://www.suse.com/security/cve/CVE-2021-38012/", }, { category: "self", summary: "SUSE CVE CVE-2021-38013 page", url: "https://www.suse.com/security/cve/CVE-2021-38013/", }, { category: "self", summary: "SUSE CVE CVE-2021-38014 page", url: "https://www.suse.com/security/cve/CVE-2021-38014/", }, { category: "self", summary: "SUSE CVE CVE-2021-38015 page", url: "https://www.suse.com/security/cve/CVE-2021-38015/", }, { category: "self", summary: "SUSE CVE CVE-2021-38016 page", url: "https://www.suse.com/security/cve/CVE-2021-38016/", }, { category: "self", summary: "SUSE CVE CVE-2021-38017 page", url: "https://www.suse.com/security/cve/CVE-2021-38017/", }, { category: "self", summary: "SUSE CVE CVE-2021-38019 page", url: "https://www.suse.com/security/cve/CVE-2021-38019/", }, { category: "self", summary: "SUSE CVE CVE-2021-38020 page", url: "https://www.suse.com/security/cve/CVE-2021-38020/", }, { category: "self", summary: "SUSE CVE CVE-2021-38021 page", url: "https://www.suse.com/security/cve/CVE-2021-38021/", }, { category: "self", summary: "SUSE CVE CVE-2021-38022 page", url: "https://www.suse.com/security/cve/CVE-2021-38022/", }, { category: "self", summary: "SUSE CVE CVE-2021-4052 page", url: "https://www.suse.com/security/cve/CVE-2021-4052/", }, { category: "self", summary: "SUSE CVE CVE-2021-4053 page", url: "https://www.suse.com/security/cve/CVE-2021-4053/", }, { category: "self", summary: "SUSE CVE CVE-2021-4054 page", url: "https://www.suse.com/security/cve/CVE-2021-4054/", }, { category: "self", summary: "SUSE CVE CVE-2021-4055 page", url: "https://www.suse.com/security/cve/CVE-2021-4055/", }, { category: "self", summary: "SUSE CVE CVE-2021-4056 page", url: "https://www.suse.com/security/cve/CVE-2021-4056/", }, { category: "self", summary: "SUSE CVE CVE-2021-4057 page", url: "https://www.suse.com/security/cve/CVE-2021-4057/", }, { category: "self", summary: "SUSE CVE CVE-2021-4058 page", url: "https://www.suse.com/security/cve/CVE-2021-4058/", }, { category: "self", summary: "SUSE CVE CVE-2021-4059 page", url: "https://www.suse.com/security/cve/CVE-2021-4059/", }, { category: "self", summary: "SUSE CVE CVE-2021-4061 page", url: "https://www.suse.com/security/cve/CVE-2021-4061/", }, { category: "self", summary: "SUSE CVE CVE-2021-4062 page", url: "https://www.suse.com/security/cve/CVE-2021-4062/", }, { category: "self", summary: "SUSE CVE CVE-2021-4063 page", url: "https://www.suse.com/security/cve/CVE-2021-4063/", }, { category: "self", summary: "SUSE CVE CVE-2021-4064 page", url: "https://www.suse.com/security/cve/CVE-2021-4064/", }, { category: "self", summary: "SUSE CVE CVE-2021-4065 page", url: "https://www.suse.com/security/cve/CVE-2021-4065/", }, { category: "self", summary: "SUSE CVE CVE-2021-4066 page", url: "https://www.suse.com/security/cve/CVE-2021-4066/", }, { category: "self", summary: "SUSE CVE CVE-2021-4067 page", url: "https://www.suse.com/security/cve/CVE-2021-4067/", }, { category: "self", summary: "SUSE CVE CVE-2021-4068 page", url: "https://www.suse.com/security/cve/CVE-2021-4068/", }, { category: "self", summary: "SUSE CVE CVE-2021-4078 page", url: "https://www.suse.com/security/cve/CVE-2021-4078/", }, { category: "self", summary: "SUSE CVE CVE-2021-4079 page", url: "https://www.suse.com/security/cve/CVE-2021-4079/", }, { category: "self", summary: "SUSE CVE CVE-2021-4098 page", url: "https://www.suse.com/security/cve/CVE-2021-4098/", }, { category: "self", summary: "SUSE CVE CVE-2021-4099 page", url: "https://www.suse.com/security/cve/CVE-2021-4099/", }, { category: "self", summary: "SUSE CVE CVE-2021-4100 page", url: "https://www.suse.com/security/cve/CVE-2021-4100/", }, { category: "self", summary: "SUSE CVE CVE-2021-4101 page", url: "https://www.suse.com/security/cve/CVE-2021-4101/", }, { category: "self", summary: "SUSE CVE CVE-2021-4102 page", url: "https://www.suse.com/security/cve/CVE-2021-4102/", }, { category: "self", summary: "SUSE CVE CVE-2022-0096 page", url: "https://www.suse.com/security/cve/CVE-2022-0096/", }, { category: "self", summary: "SUSE CVE CVE-2022-0097 page", url: "https://www.suse.com/security/cve/CVE-2022-0097/", }, { category: "self", summary: "SUSE CVE CVE-2022-0098 page", url: "https://www.suse.com/security/cve/CVE-2022-0098/", }, { category: "self", summary: "SUSE CVE CVE-2022-0099 page", url: "https://www.suse.com/security/cve/CVE-2022-0099/", }, { category: "self", summary: "SUSE CVE CVE-2022-0100 page", url: "https://www.suse.com/security/cve/CVE-2022-0100/", }, { category: "self", summary: "SUSE CVE CVE-2022-0101 page", url: "https://www.suse.com/security/cve/CVE-2022-0101/", }, { category: "self", summary: "SUSE CVE CVE-2022-0102 page", url: "https://www.suse.com/security/cve/CVE-2022-0102/", }, { category: "self", summary: "SUSE CVE CVE-2022-0103 page", url: "https://www.suse.com/security/cve/CVE-2022-0103/", }, { category: "self", summary: "SUSE CVE CVE-2022-0104 page", url: "https://www.suse.com/security/cve/CVE-2022-0104/", }, { category: "self", summary: "SUSE CVE CVE-2022-0105 page", url: "https://www.suse.com/security/cve/CVE-2022-0105/", }, { category: "self", summary: "SUSE CVE CVE-2022-0106 page", url: "https://www.suse.com/security/cve/CVE-2022-0106/", }, { category: "self", summary: "SUSE CVE CVE-2022-0107 page", url: "https://www.suse.com/security/cve/CVE-2022-0107/", }, { category: "self", summary: "SUSE CVE CVE-2022-0108 page", url: "https://www.suse.com/security/cve/CVE-2022-0108/", }, { category: "self", summary: "SUSE CVE CVE-2022-0109 page", url: "https://www.suse.com/security/cve/CVE-2022-0109/", }, { category: "self", summary: "SUSE CVE CVE-2022-0110 page", url: "https://www.suse.com/security/cve/CVE-2022-0110/", }, { category: "self", summary: "SUSE CVE CVE-2022-0111 page", url: "https://www.suse.com/security/cve/CVE-2022-0111/", }, { category: "self", summary: "SUSE CVE CVE-2022-0112 page", url: "https://www.suse.com/security/cve/CVE-2022-0112/", }, { category: "self", summary: "SUSE CVE CVE-2022-0113 page", url: "https://www.suse.com/security/cve/CVE-2022-0113/", }, { category: "self", summary: "SUSE CVE CVE-2022-0114 page", url: "https://www.suse.com/security/cve/CVE-2022-0114/", }, { category: "self", summary: "SUSE CVE CVE-2022-0115 page", url: "https://www.suse.com/security/cve/CVE-2022-0115/", }, { category: "self", summary: "SUSE CVE CVE-2022-0116 page", url: "https://www.suse.com/security/cve/CVE-2022-0116/", }, { category: "self", summary: "SUSE CVE CVE-2022-0117 page", url: "https://www.suse.com/security/cve/CVE-2022-0117/", }, { category: "self", summary: "SUSE CVE CVE-2022-0118 page", url: "https://www.suse.com/security/cve/CVE-2022-0118/", }, { category: "self", summary: "SUSE CVE CVE-2022-0120 page", url: "https://www.suse.com/security/cve/CVE-2022-0120/", }, { category: "self", summary: "SUSE CVE CVE-2022-0289 page", url: "https://www.suse.com/security/cve/CVE-2022-0289/", }, { category: "self", summary: "SUSE CVE CVE-2022-0290 page", url: "https://www.suse.com/security/cve/CVE-2022-0290/", }, { category: "self", summary: "SUSE CVE CVE-2022-0291 page", url: "https://www.suse.com/security/cve/CVE-2022-0291/", }, { category: "self", summary: "SUSE CVE CVE-2022-0292 page", url: "https://www.suse.com/security/cve/CVE-2022-0292/", }, { category: "self", summary: "SUSE CVE CVE-2022-0293 page", url: "https://www.suse.com/security/cve/CVE-2022-0293/", }, { category: "self", summary: "SUSE CVE CVE-2022-0294 page", url: "https://www.suse.com/security/cve/CVE-2022-0294/", }, { category: "self", summary: "SUSE CVE CVE-2022-0295 page", url: "https://www.suse.com/security/cve/CVE-2022-0295/", }, { category: "self", summary: "SUSE CVE CVE-2022-0296 page", url: "https://www.suse.com/security/cve/CVE-2022-0296/", }, { category: "self", summary: "SUSE CVE CVE-2022-0297 page", url: "https://www.suse.com/security/cve/CVE-2022-0297/", }, { category: "self", summary: "SUSE CVE CVE-2022-0298 page", url: "https://www.suse.com/security/cve/CVE-2022-0298/", }, { category: "self", summary: "SUSE CVE CVE-2022-0300 page", url: "https://www.suse.com/security/cve/CVE-2022-0300/", }, { category: "self", summary: "SUSE CVE CVE-2022-0301 page", url: "https://www.suse.com/security/cve/CVE-2022-0301/", }, { category: "self", summary: "SUSE CVE CVE-2022-0302 page", url: "https://www.suse.com/security/cve/CVE-2022-0302/", }, { category: "self", summary: "SUSE CVE CVE-2022-0304 page", url: "https://www.suse.com/security/cve/CVE-2022-0304/", }, { category: "self", summary: "SUSE CVE CVE-2022-0305 page", url: "https://www.suse.com/security/cve/CVE-2022-0305/", }, { category: "self", summary: "SUSE CVE CVE-2022-0306 page", url: "https://www.suse.com/security/cve/CVE-2022-0306/", }, { category: "self", summary: "SUSE CVE CVE-2022-0307 page", url: "https://www.suse.com/security/cve/CVE-2022-0307/", }, { category: "self", summary: "SUSE CVE CVE-2022-0308 page", url: "https://www.suse.com/security/cve/CVE-2022-0308/", }, { category: "self", summary: "SUSE CVE CVE-2022-0309 page", url: "https://www.suse.com/security/cve/CVE-2022-0309/", }, { category: "self", summary: "SUSE CVE CVE-2022-0310 page", url: "https://www.suse.com/security/cve/CVE-2022-0310/", }, { category: "self", summary: "SUSE CVE CVE-2022-0311 page", url: "https://www.suse.com/security/cve/CVE-2022-0311/", }, ], title: "Security update for opera", tracking: { current_release_date: "2022-02-20T17:01:21Z", generator: { date: "2022-02-20T17:01:21Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2022:0047-1", initial_release_date: "2022-02-20T17:01:21Z", revision_history: [ { date: "2022-02-20T17:01:21Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "opera-83.0.4254.27-lp153.2.33.1.x86_64", product: { name: "opera-83.0.4254.27-lp153.2.33.1.x86_64", product_id: "opera-83.0.4254.27-lp153.2.33.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.3 NonFree", product: { name: "openSUSE Leap 15.3 NonFree", product_id: "openSUSE Leap 15.3 NonFree", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "opera-83.0.4254.27-lp153.2.33.1.x86_64 as component of openSUSE Leap 15.3 NonFree", product_id: "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", }, product_reference: "opera-83.0.4254.27-lp153.2.33.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3 NonFree", }, ], }, vulnerabilities: [ { cve: "CVE-2021-37980", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37980", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37980", url: "https://www.suse.com/security/cve/CVE-2021-37980", }, { category: "external", summary: "SUSE Bug 1191463 for CVE-2021-37980", url: "https://bugzilla.suse.com/1191463", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "moderate", }, ], title: "CVE-2021-37980", }, { cve: "CVE-2021-37997", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37997", }, ], notes: [ { category: "general", text: "Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37997", url: "https://www.suse.com/security/cve/CVE-2021-37997", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37997", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-37997", }, { cve: "CVE-2021-37998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37998", }, ], notes: [ { category: "general", text: "Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37998", url: "https://www.suse.com/security/cve/CVE-2021-37998", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37998", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-37998", }, { cve: "CVE-2021-37999", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37999", }, ], notes: [ { category: "general", text: "Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37999", url: "https://www.suse.com/security/cve/CVE-2021-37999", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37999", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-37999", }, { cve: "CVE-2021-38001", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38001", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38001", url: "https://www.suse.com/security/cve/CVE-2021-38001", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38001", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38001", }, { cve: "CVE-2021-38002", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38002", }, ], notes: [ { category: "general", text: "Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38002", url: "https://www.suse.com/security/cve/CVE-2021-38002", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38002", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38002", }, { cve: "CVE-2021-38003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38003", }, ], notes: [ { category: "general", text: "Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38003", url: "https://www.suse.com/security/cve/CVE-2021-38003", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38003", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38003", }, { cve: "CVE-2021-38004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38004", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38004", url: "https://www.suse.com/security/cve/CVE-2021-38004", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "moderate", }, ], title: "CVE-2021-38004", }, { cve: "CVE-2021-38005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38005", }, ], notes: [ { category: "general", text: "Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38005", url: "https://www.suse.com/security/cve/CVE-2021-38005", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38005", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38005", }, { cve: "CVE-2021-38006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38006", }, ], notes: [ { category: "general", text: "Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38006", url: "https://www.suse.com/security/cve/CVE-2021-38006", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38006", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38006", }, { cve: "CVE-2021-38007", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38007", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38007", url: "https://www.suse.com/security/cve/CVE-2021-38007", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38007", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38007", }, { cve: "CVE-2021-38008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38008", }, ], notes: [ { category: "general", text: "Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38008", url: "https://www.suse.com/security/cve/CVE-2021-38008", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38008", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38008", }, { cve: "CVE-2021-38009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38009", }, ], notes: [ { category: "general", text: "Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38009", url: "https://www.suse.com/security/cve/CVE-2021-38009", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38009", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38009", }, { cve: "CVE-2021-38010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38010", }, ], notes: [ { category: "general", text: "Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38010", url: "https://www.suse.com/security/cve/CVE-2021-38010", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38010", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38010", }, { cve: "CVE-2021-38011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38011", }, ], notes: [ { category: "general", text: "Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38011", url: "https://www.suse.com/security/cve/CVE-2021-38011", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38011", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38011", }, { cve: "CVE-2021-38012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38012", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38012", url: "https://www.suse.com/security/cve/CVE-2021-38012", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38012", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38012", }, { cve: "CVE-2021-38013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38013", }, ], notes: [ { category: "general", text: "Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38013", url: "https://www.suse.com/security/cve/CVE-2021-38013", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38013", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38013", }, { cve: "CVE-2021-38014", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38014", }, ], notes: [ { category: "general", text: "Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38014", url: "https://www.suse.com/security/cve/CVE-2021-38014", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38014", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38014", }, { cve: "CVE-2021-38015", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38015", }, ], notes: [ { category: "general", text: "Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38015", url: "https://www.suse.com/security/cve/CVE-2021-38015", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38015", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38015", }, { cve: "CVE-2021-38016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38016", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38016", url: "https://www.suse.com/security/cve/CVE-2021-38016", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38016", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38016", }, { cve: "CVE-2021-38017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38017", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38017", url: "https://www.suse.com/security/cve/CVE-2021-38017", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38017", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38017", }, { cve: "CVE-2021-38019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38019", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38019", url: "https://www.suse.com/security/cve/CVE-2021-38019", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38019", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38019", }, { cve: "CVE-2021-38020", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38020", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38020", url: "https://www.suse.com/security/cve/CVE-2021-38020", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38020", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38020", }, { cve: "CVE-2021-38021", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38021", }, ], notes: [ { category: "general", text: "Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38021", url: "https://www.suse.com/security/cve/CVE-2021-38021", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38021", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38021", }, { cve: "CVE-2021-38022", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38022", }, ], notes: [ { category: "general", text: "Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38022", url: "https://www.suse.com/security/cve/CVE-2021-38022", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38022", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38022", }, { cve: "CVE-2021-4052", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4052", }, ], notes: [ { category: "general", text: "Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4052", url: "https://www.suse.com/security/cve/CVE-2021-4052", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4052", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4052", }, { cve: "CVE-2021-4053", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4053", }, ], notes: [ { category: "general", text: "Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4053", url: "https://www.suse.com/security/cve/CVE-2021-4053", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4053", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4053", }, { cve: "CVE-2021-4054", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4054", }, ], notes: [ { category: "general", text: "Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4054", url: "https://www.suse.com/security/cve/CVE-2021-4054", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4054", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4054", }, { cve: "CVE-2021-4055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4055", }, ], notes: [ { category: "general", text: "Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4055", url: "https://www.suse.com/security/cve/CVE-2021-4055", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4055", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4055", }, { cve: "CVE-2021-4056", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4056", }, ], notes: [ { category: "general", text: "Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4056", url: "https://www.suse.com/security/cve/CVE-2021-4056", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4056", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4056", }, { cve: "CVE-2021-4057", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4057", }, ], notes: [ { category: "general", text: "Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4057", url: "https://www.suse.com/security/cve/CVE-2021-4057", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4057", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4057", }, { cve: "CVE-2021-4058", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4058", }, ], notes: [ { category: "general", text: "Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4058", url: "https://www.suse.com/security/cve/CVE-2021-4058", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4058", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4058", }, { cve: "CVE-2021-4059", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4059", }, ], notes: [ { category: "general", text: "Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4059", url: "https://www.suse.com/security/cve/CVE-2021-4059", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4059", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4059", }, { cve: "CVE-2021-4061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4061", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4061", url: "https://www.suse.com/security/cve/CVE-2021-4061", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4061", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4061", }, { cve: "CVE-2021-4062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4062", }, ], notes: [ { category: "general", text: "Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4062", url: "https://www.suse.com/security/cve/CVE-2021-4062", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4062", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4062", }, { cve: "CVE-2021-4063", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4063", }, ], notes: [ { category: "general", text: "Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4063", url: "https://www.suse.com/security/cve/CVE-2021-4063", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4063", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4063", }, { cve: "CVE-2021-4064", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4064", }, ], notes: [ { category: "general", text: "Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4064", url: "https://www.suse.com/security/cve/CVE-2021-4064", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4064", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4064", }, { cve: "CVE-2021-4065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4065", }, ], notes: [ { category: "general", text: "Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4065", url: "https://www.suse.com/security/cve/CVE-2021-4065", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4065", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4065", }, { cve: "CVE-2021-4066", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4066", }, ], notes: [ { category: "general", text: "Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4066", url: "https://www.suse.com/security/cve/CVE-2021-4066", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4066", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4066", }, { cve: "CVE-2021-4067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4067", }, ], notes: [ { category: "general", text: "Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4067", url: "https://www.suse.com/security/cve/CVE-2021-4067", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4067", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4067", }, { cve: "CVE-2021-4068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4068", }, ], notes: [ { category: "general", text: "Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4068", url: "https://www.suse.com/security/cve/CVE-2021-4068", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4068", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4068", }, { cve: "CVE-2021-4078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4078", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4078", url: "https://www.suse.com/security/cve/CVE-2021-4078", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4078", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4078", }, { cve: "CVE-2021-4079", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4079", }, ], notes: [ { category: "general", text: "Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4079", url: "https://www.suse.com/security/cve/CVE-2021-4079", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4079", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4079", }, { cve: "CVE-2021-4098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4098", }, ], notes: [ { category: "general", text: "Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4098", url: "https://www.suse.com/security/cve/CVE-2021-4098", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4098", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4098", }, { cve: "CVE-2021-4099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4099", }, ], notes: [ { category: "general", text: "Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4099", url: "https://www.suse.com/security/cve/CVE-2021-4099", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4099", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4099", }, { cve: "CVE-2021-4100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4100", }, ], notes: [ { category: "general", text: "Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4100", url: "https://www.suse.com/security/cve/CVE-2021-4100", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4100", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4100", }, { cve: "CVE-2021-4101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4101", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4101", url: "https://www.suse.com/security/cve/CVE-2021-4101", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4101", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4101", }, { cve: "CVE-2021-4102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4102", }, ], notes: [ { category: "general", text: "Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4102", url: "https://www.suse.com/security/cve/CVE-2021-4102", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4102", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4102", }, { cve: "CVE-2022-0096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0096", }, ], notes: [ { category: "general", text: "Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0096", url: "https://www.suse.com/security/cve/CVE-2022-0096", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0096", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0096", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0096", }, { cve: "CVE-2022-0097", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0097", }, ], notes: [ { category: "general", text: "Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0097", url: "https://www.suse.com/security/cve/CVE-2022-0097", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0097", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0097", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0097", }, { cve: "CVE-2022-0098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0098", }, ], notes: [ { category: "general", text: "Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0098", url: "https://www.suse.com/security/cve/CVE-2022-0098", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0098", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0098", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0098", }, { cve: "CVE-2022-0099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0099", }, ], notes: [ { category: "general", text: "Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0099", url: "https://www.suse.com/security/cve/CVE-2022-0099", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0099", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0099", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0099", }, { cve: "CVE-2022-0100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0100", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0100", url: "https://www.suse.com/security/cve/CVE-2022-0100", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0100", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0100", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0100", }, { cve: "CVE-2022-0101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0101", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0101", url: "https://www.suse.com/security/cve/CVE-2022-0101", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0101", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0101", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0101", }, { cve: "CVE-2022-0102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0102", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0102", url: "https://www.suse.com/security/cve/CVE-2022-0102", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0102", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0102", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0102", }, { cve: "CVE-2022-0103", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0103", }, ], notes: [ { category: "general", text: "Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0103", url: "https://www.suse.com/security/cve/CVE-2022-0103", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0103", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0103", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0103", }, { cve: "CVE-2022-0104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0104", }, ], notes: [ { category: "general", text: "Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0104", url: "https://www.suse.com/security/cve/CVE-2022-0104", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0104", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0104", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0104", }, { cve: "CVE-2022-0105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0105", }, ], notes: [ { category: "general", text: "Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0105", url: "https://www.suse.com/security/cve/CVE-2022-0105", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0105", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0105", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0105", }, { cve: "CVE-2022-0106", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0106", }, ], notes: [ { category: "general", text: "Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0106", url: "https://www.suse.com/security/cve/CVE-2022-0106", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0106", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0106", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0106", }, { cve: "CVE-2022-0107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0107", }, ], notes: [ { category: "general", text: "Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0107", url: "https://www.suse.com/security/cve/CVE-2022-0107", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0107", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0107", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0107", }, { cve: "CVE-2022-0108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0108", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0108", url: "https://www.suse.com/security/cve/CVE-2022-0108", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0108", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1210731 for CVE-2022-0108", url: "https://bugzilla.suse.com/1210731", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0108", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0108", }, { cve: "CVE-2022-0109", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0109", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0109", url: "https://www.suse.com/security/cve/CVE-2022-0109", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0109", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0109", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0109", }, { cve: "CVE-2022-0110", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0110", }, ], notes: [ { category: "general", text: "Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0110", url: "https://www.suse.com/security/cve/CVE-2022-0110", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0110", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0110", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0110", }, { cve: "CVE-2022-0111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0111", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0111", url: "https://www.suse.com/security/cve/CVE-2022-0111", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0111", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0111", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0111", }, { cve: "CVE-2022-0112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0112", }, ], notes: [ { category: "general", text: "Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0112", url: "https://www.suse.com/security/cve/CVE-2022-0112", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0112", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0112", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0112", }, { cve: "CVE-2022-0113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0113", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0113", url: "https://www.suse.com/security/cve/CVE-2022-0113", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0113", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0113", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0113", }, { cve: "CVE-2022-0114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0114", }, ], notes: [ { category: "general", text: "Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0114", url: "https://www.suse.com/security/cve/CVE-2022-0114", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0114", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0114", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0114", }, { cve: "CVE-2022-0115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0115", }, ], notes: [ { category: "general", text: "Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0115", url: "https://www.suse.com/security/cve/CVE-2022-0115", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0115", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0115", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0115", }, { cve: "CVE-2022-0116", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0116", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0116", url: "https://www.suse.com/security/cve/CVE-2022-0116", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0116", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0116", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0116", }, { cve: "CVE-2022-0117", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0117", }, ], notes: [ { category: "general", text: "Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0117", url: "https://www.suse.com/security/cve/CVE-2022-0117", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0117", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0117", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0117", }, { cve: "CVE-2022-0118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0118", }, ], notes: [ { category: "general", text: "Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0118", url: "https://www.suse.com/security/cve/CVE-2022-0118", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0118", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0118", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0118", }, { cve: "CVE-2022-0120", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0120", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0120", url: "https://www.suse.com/security/cve/CVE-2022-0120", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0120", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0120", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0120", }, { cve: "CVE-2022-0289", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0289", }, ], notes: [ { category: "general", text: "Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0289", url: "https://www.suse.com/security/cve/CVE-2022-0289", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0289", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0289", }, { cve: "CVE-2022-0290", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0290", }, ], notes: [ { category: "general", text: "Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0290", url: "https://www.suse.com/security/cve/CVE-2022-0290", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0290", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0290", }, { cve: "CVE-2022-0291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0291", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0291", url: "https://www.suse.com/security/cve/CVE-2022-0291", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0291", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0291", }, { cve: "CVE-2022-0292", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0292", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0292", url: "https://www.suse.com/security/cve/CVE-2022-0292", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0292", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0292", }, { cve: "CVE-2022-0293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0293", }, ], notes: [ { category: "general", text: "Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0293", url: "https://www.suse.com/security/cve/CVE-2022-0293", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0293", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0293", }, { cve: "CVE-2022-0294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0294", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0294", url: "https://www.suse.com/security/cve/CVE-2022-0294", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0294", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0294", }, { cve: "CVE-2022-0295", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0295", }, ], notes: [ { category: "general", text: "Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0295", url: "https://www.suse.com/security/cve/CVE-2022-0295", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0295", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0295", }, { cve: "CVE-2022-0296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0296", }, ], notes: [ { category: "general", text: "Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0296", url: "https://www.suse.com/security/cve/CVE-2022-0296", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0296", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0296", }, { cve: "CVE-2022-0297", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0297", }, ], notes: [ { category: "general", text: "Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0297", url: "https://www.suse.com/security/cve/CVE-2022-0297", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0297", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0297", }, { cve: "CVE-2022-0298", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0298", }, ], notes: [ { category: "general", text: "Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0298", url: "https://www.suse.com/security/cve/CVE-2022-0298", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0298", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0298", }, { cve: "CVE-2022-0300", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0300", }, ], notes: [ { category: "general", text: "Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0300", url: "https://www.suse.com/security/cve/CVE-2022-0300", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0300", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0300", }, { cve: "CVE-2022-0301", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0301", }, ], notes: [ { category: "general", text: "Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0301", url: "https://www.suse.com/security/cve/CVE-2022-0301", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0301", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0301", }, { cve: "CVE-2022-0302", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0302", }, ], notes: [ { category: "general", text: "Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0302", url: "https://www.suse.com/security/cve/CVE-2022-0302", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0302", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0302", }, { cve: "CVE-2022-0304", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0304", }, ], notes: [ { category: "general", text: "Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0304", url: "https://www.suse.com/security/cve/CVE-2022-0304", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0304", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0304", }, { cve: "CVE-2022-0305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0305", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0305", url: "https://www.suse.com/security/cve/CVE-2022-0305", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0305", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0305", }, { cve: "CVE-2022-0306", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0306", }, ], notes: [ { category: "general", text: "Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0306", url: "https://www.suse.com/security/cve/CVE-2022-0306", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0306", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0306", }, { cve: "CVE-2022-0307", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0307", }, ], notes: [ { category: "general", text: "Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0307", url: "https://www.suse.com/security/cve/CVE-2022-0307", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0307", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0307", }, { cve: "CVE-2022-0308", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0308", }, ], notes: [ { category: "general", text: "Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0308", url: "https://www.suse.com/security/cve/CVE-2022-0308", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0308", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0308", }, { cve: "CVE-2022-0309", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0309", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0309", url: "https://www.suse.com/security/cve/CVE-2022-0309", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0309", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0309", }, { cve: "CVE-2022-0310", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0310", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0310", url: "https://www.suse.com/security/cve/CVE-2022-0310", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0310", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0310", }, { cve: "CVE-2022-0311", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0311", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0311", url: "https://www.suse.com/security/cve/CVE-2022-0311", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0311", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0311", }, ], }
opensuse-su-2022:0110-1
Vulnerability from csaf_opensuse
Published
2022-04-08 14:01
Modified
2022-04-08 14:01
Summary
Security update for opera
Notes
Title of the patch
Security update for opera
Description of the patch
This update for opera fixes the following issues:
Update to 85.0.4341.28
- CHR-8816 Update chromium on desktop-stable-99-4341
to 99.0.4844.84
- DNA-98092 Crash at views::MenuItemView::GetMenuController()
- DNA-98278 Translations for O85
- DNA-98320 [Mac] Unable to delete recent search entries
- DNA-98614 Show recent searches for non-BABE users
- DNA-98615 Allow removal of recent searches
- DNA-98616 Add recent searches to ‘old’ BABE
- DNA-98617 Make it possible to disable ad-blocker per-country
- DNA-98651 Remove Instagram and Facebook Messenger in Russia
- DNA-98653 Add flag #recent-searches
- DNA-98696 smoketest
PageInfoHistoryDataSourceTest.FormatTimestampString failing
- DNA-98703 Port Chromium issue 1309225 to Opera Stable
- The update to chromium 99.0.4844.84 fixes following issues:
CVE-2022-1096
- Changes in 85.0.4341.18
- CHR-8789 Update chromium on desktop-stable-99-4341 to
99.0.4844.51
- DNA-98059 [Linux] Crash at
opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled
- DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get()
- DNA-98126 System crash dialog shown on macOS <= 10.15
- DNA-98331 [Snap] Meme generator cropping / resizing broken
- DNA-98394 Audio tab indicator set to 'muted' on
videoconferencing sites
- DNA-98481 Report errors in opauto_collector
- The update to chromium 99.0.4844.51 fixes following issues:
CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792,
CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796,
CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800,
CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804,
CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808,
CVE-2022-0809
- Changes in 85.0.4341.13
- DNA-94119 Upgrade curl to 7.81.0
- DNA-97849 [Mac monterey] System shortcut interfere with
Opera’s `ToggleSearchInOpenTabs` shortcut
- DNA-98204 Automatic popout happens when video is paused
- DNA-98231 Shortcuts are blocked by displayed tab tooltip
when triggered quickly after tooltip appears
- DNA-98321 Add thinlto-cache warnings to suppression list
- DNA-98395 Promote O85 to stable
- Complete Opera 85.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-85/
- Update to 84.0.4316.42
- DNA-94119 Upgrade curl to 7.81.0
- DNA-98092 Crash at views::MenuItemView::GetMenuController()
- DNA-98204 Automatic popout happens when video is paused
- DNA-98231 Shortcuts are blocked by displayed tab tooltip when
triggered quickly after tooltip appears
- Update to 84.0.4316.31
- CHR-8772 Update chromium on desktop-stable-98-4316 to
98.0.4758.109
- DNA-97573 [Win][Lin]”Close tab” button is not displayed on tabs
playing media when many tabs are open
- DNA-97729 cancelling the process uploading custom Wallpaper
crashes the browser
- DNA-97871 Google meet tab’s icons don’t fit on pinned tab
- DNA-97872 Tab is being unpinned when video conferencing
button is clicked
- DNA-98039 Dark theme top sites have black background
- DNA-98117 Clicking current tab information should hide tooltip
- Update to 84.0.4316.21
- CHR-8762 Update chromium on desktop-stable-98-4316 to
98.0.4758.102
- DNA-97333 ‘Add a site’ label on start page tile barely visible
- DNA-97691 Opera 84 translations
- DNA-97767 Wrong string in FR
- DNA-97855 Crash at
ScopedProfileKeepAlive::~ScopedProfileKeepAlive()
- DNA-97982 Enable #snap-upstream-implementation on all streams
- The update to chromium 98.0.4758.102 fixes following issues:
CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606,
CVE-2022-0607, CVE-2022-0608, CVE-2022-0609, CVE-2022-0610
- Update to 84.0.4316.14
- CHR-8753 Update chromium on desktop-stable-98-4316 to
98.0.4758.82
- DNA-97177 Battery saver – the icon looks bad for DPI!=100%
- DNA-97614 automatic video pop-out for most popular websites
broadcasting Winter Olympic Games 2022
- DNA-97804 Promote O84 to stable
- The update to chromium 98.0.4758.82 fixes following issues:
CVE-2022-0452, CVE-2022-0453, CVE-2022-0454, CVE-2022-0455,
CVE-2022-0456, CVE-2022-0457, CVE-2022-0458, CVE-2022-0459,
CVE-2022-0460, CVE-2022-0461, CVE-2022-0462, CVE-2022-0463,
CVE-2022-0464, CVE-2022-0465, CVE-2022-0466, CVE-2022-0467,
CVE-2022-0468, CVE-2022-0469, CVE-2022-0470
- Complete Opera 84.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-84/
- Update to 83.0.4254.54
- DNA-96581 Fast tab tooltip doesn’t always show related sites
with scrollable tab strip
- DNA-96608 Cannot drag a tab to create a new window
- DNA-96657 Do not make tab tooltip hoverable if there’s no
list of tabs
- DNA-97291 Crash at
opera::flow::FlowSessionImpl::RegisterDevice(base::OnceCallback)
- DNA-97468 Incorrect number of restored tabs when video-popout
is detached
- DNA-97476 Add retry to stapling during signing
- DNA-97609 Failing MetricsReporterTest.TimeSpent* smoketests
- Update to 83.0.4254.27
- CHR-8737 Update chromium on desktop-stable-97-4254 to
97.0.4692.99
- DNA-96336 [Mac] Translate new network installer slogan
- DNA-96678 Add battery level monitoring capability to
powerSavePrivate
- DNA-96939 Crash at
opera::ExternalVideoService::MarkAsManuallyClosed()
- DNA-97276 Enable #static-tab-audio-indicator on all streams
- The update to chromium 97.0.4692.99 fixes following issues:
CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292,
CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296,
CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301,
CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306,
CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310,
CVE-2022-0311
- Update to 83.0.4254.19
- DNA-96079 Turn on #automatic-video-popout on developer
- DNA-97070 Opera 83 translations
- DNA-97119 [LastCard] Stop showing used burner cards
- DNA-97131 Enable automatic-video-popout on all streams from
O84 on
- DNA-97257 Crash at
views::ImageButton::SetMinimumImageSize(gfx::Size const&)
- DNA-97259 Promote O83 to stable
- Complete Opera 83.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-83/
- Update to 83.0.4254.16
- DNA-96968 Fix alignment of the 'Advanced' button in Settings
- Update to 83.0.4254.14
- CHR-8701 Update chromium on desktop-stable-97-4254 to
97.0.4692.45
- CHR-8713 Update chromium on desktop-stable-97-4254 to
97.0.4692.56
- CHR-8723 Update chromium on desktop-stable-97-4254 to
97.0.4692.71
- DNA-96780 Crash at
ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)
- DNA-96822 Tab close resize behavior change
- DNA-96861 Create Loomi Options menu
- DNA-96904 Support Win11 snap layout popup
- DNA-96951 Tab close animation broken
- DNA-96991 Tab X button doesn’t work correctly
- DNA-97027 Incorrect tab size after tab close
- The update to chromium 97.0.4692.71 fixes following issues:
CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099,
CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103,
CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106,
CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110,
CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113,
CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117,
CVE-2022-0118, CVE-2022-0120
- Update to version 82.0.4227.58
- DNA-96780 Crash at
ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)
- DNA-96890 Settings default browser not working for current
user on Windows 7
- Update to version 82.0.4227.43
- CHR-8705 Update chromium on desktop-stable-96-4227 to
96.0.4664.110
- DNA-93284 Unstable
obj/opera/desktop/common/installer_rc_generated/installer.res
- DNA-95908 Interstitial/internal pages shown as NOT SECURE
after visiting http site
- DNA-96404 Opera doesn’t show on main screen when second screen
is abruptly disconnected
- The update to chromium 96.0.4664.110 fixes following issues:
CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101,
CVE-2021-4102
- Update to version 82.0.4227.33
- CHR-8689 Update chromium on desktop-stable-96-4227 to
96.0.4664.93
- DNA-96559 Tooltip popup looks bad in dark theme
- DNA-96570 [Player] Tidal logging in via PLAY doesn’t work
- DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks
- DNA-96649 Update Meme button
- DNA-96676 Add Icon in the Sidebar Setup
- DNA-96677 Add default URL
- The update to chromium 96.0.4664.93 fixes following issues:
CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054,
CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057,
CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062,
CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066,
CVE-2021-4067, CVE-2021-4068
- Update to version 82.0.4227.23
- DNA-95632 With new au-logic UUID is set with delay and may be
not set for pb-builds (when closing fast)
- DNA-96349 Laggy tooltip animation
- DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap
version for Opera 82
- DNA-96493 Create 'small' enticement in credit card autofill
- DNA-96533 Opera 82 translations
- DNA-96535 Make the URL configurable
- DNA-96553 Add switch to whitelist test pages
- DNA-96557 Links not opened from panel
- DNA-96558 AdBlock bloks some trackers inside the panel
- DNA-96568 [Player] Tidal in sidebar Player opens wrong site
when logging in
- DNA-96659 Siteprefs not applied after network service crash
- DNA-96593 Promote O82 to stable
- Complete Opera 82.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-82/
- Update to version 82.0.4227.13
- CHR-8668 Update chromium on desktop-stable-96-4227 to
96.0.4664.45
- DNA-76987 [Mac] Update desktop EULA with geolocation split
- DNA-93388 Problem with symlinks on windows when creating
file list
- DNA-95734 Discarded Recently Closed items get revived
after restart
- DNA-96134 'Your profile has been updated' does not disappear
- DNA-96190 Opera freezes when trying to drag expanded
bookmark folder with nested subfolders
- DNA-96223 Easy Files not working in Full Screen
- DNA-96274 Checkout autofill shouldn't show used burner card
- DNA-96275 Change the notification message for pausing
multi-use cards
- DNA-96295 'Video pop out' setting doesn't sync
- DNA-96316 Highlight text wrong colour on dark mode
- DNA-96326 Wrong translation Private Mode > Turkish
- DNA-96351 macOS window controls are missing in full screen
- DNA-96440 Update video URL
- DNA-96448 add option to pin extension via rich hints
- DNA-96453 Register user-chosen option on client-side, read on
hint side
- DNA-96454 Choosing an option from the settings menu should
close the popup
- DNA-96484 Enable AB test for a new autoupdater logic (for 50%)
- DNA-96500 Add 'don't show me again' prefs to allowed whitelist
- DNA-96538 Inline audiocomplete for www.mediaexpert.pl
incorrectly suggested
- The update to chromium 96.0.4664.45 fixes following issues:
CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008,
CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012,
CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016,
CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021,
CVE-2021-38022
- Update to version 81.0.4196.54
- CHR-8644 Update chromium on desktop-stable-95-4196 to
95.0.4638.69
- DNA-95773 ExtensionWebRequestApiTest crashes on mac
- DNA-96062 Opera 81 translations
- DNA-96134 “Your profile has been updated’ does not disappear
- DNA-96274 Checkout autofill shouldn’t show used burner card
- DNA-96275 Change the notification message for pausing
multi-use cards
- DNA-96440 Update video URL
- The update to chromium 95.0.4638.69 fixes following issues:
CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980,
CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004
- Update to version 81.0.4196.37
- DNA-96008 Crash at
content::WebContentsImpl::OpenURL(content::OpenURLParams const&)
- DNA-96032 Closing the videoconference pop-up force leaving
the meeting
- DNA-96092 Crash at void
opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result)
- DNA-96142 [Yat] Emoji icon cut off in URL for Yat
- Update to version 81.0.4196.31
- DNA-95733 Implement the “Manage” menu in card details view
- DNA-95736 Update UI for paused card
- DNA-95791 Crash at base::operator<
- DNA-95794 Sometimes the sidebar UI fails to load
- DNA-95812 Retrieve cards info when showing autofill
- DNA-96035 Cannot create virtual card on Sandbox environment
- DNA-96147 “Buy” button does not work
- DNA-96168 Update contributors list
- DNA-96211 Enable #fast-tab-tooltip on all streams
- DNA-96231 Promote O81 to stable
- Complete Opera 80.1 changelog at:
https://blogs.opera.com/desktop/changelog-for-81/
- Update to version 81.0.4196.27
- CHR-8623 Update chromium on desktop-stable-95-4196 to
95.0.4638.54
- DNA-92384 Better segmenting of hint users
- DNA-95523 Allow sorting in multi-card view
- DNA-95659 Flow of Lastcard on first login
- DNA-95735 Implement the button that reveals full card
details
- DNA-95747 Better way to handle expired funding card
- DNA-95949 [Mac Retina] Clicking active tab should scroll
to the top
- DNA-95993 Update icon used for Yat in address bar dropdown
- DNA-96021 Cleared download item view is never deleted
- DNA-96036 Occupation field in 'Account – Edit' is shown
twice
- DNA-96127 Upgrade plan button does nothing
- DNA-96138 'Add Card' button does not change to
'Upgrade Plan' after adding card
- The update to chromium 95.0.4638.54 fixes following issues:
CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984,
CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988,
CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992,
CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996
- Update to version 80.0.4170.72
- DNA-95522 Change card view to show all types of cards
- DNA-95523 Allow sorting in multi-card view
- DNA-95524 Allow searching for cards by name
- DNA-95658 Allow user to add a card
- DNA-95659 Flow of Lastcard on first login
- DNA-95660 Implement editing card details
- DNA-95699 Add card details view
- DNA-95733 Implement the “Manage” menu in card details view
- DNA-95735 Implement the button that reveals full card details
- DNA-95736 Update UI for paused card
- DNA-95747 Better way to handle expired funding card
- DNA-95794 Sometimes the sidebar UI fails to load
- DNA-95812 Retrieve cards info when showing autofill
- DNA-96036 Occupation field in ‘Account – Edit’ is shown twice
- DNA-96127 Upgrade plan button does nothing
- DNA-96138 “Add Card” button does not change to “Upgrade Plan”
after adding card
- Update to version 80.0.4170.63
- CHR-8612 Update chromium on desktop-stable-94-4170 to
94.0.4606.81
- DNA-95434 Crash at opera::ThemesService::UpdateCurrentTheme()
- The update to chromium 94.0.4606.81 fixes following issues:
CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980
- Update to version 80.0.4170.40
- CHR-8598 Update chromium on desktop-stable-94-4170 to
94.0.4606.71
- DNA-95221 Emoji button stuck in address bar
- DNA-95325 Make y.at navigations to be reported with
page_views events
- DNA-95327 Add “Emojis” context menu option in address
bar field
- DNA-95339 Add YAT emoji url suggestion to search© dialog
- DNA-95416 Remove emoji button from address bar
- DNA-95439 Enable #yat-emoji-addresses on developer stream
- DNA-95441 [Mac big sur] Emoji are not shown in address
bar url
- DNA-95514 Crash at resource_coordinator::TabLifecycleUnitSource
::TabLifecycleUnit::OnLifecycleUnitStateChanged(mojom::
LifecycleUnitState, mojom::LifecycleUnitStateChangeReason)
- DNA-95746 Enable #reader-mode everywhere
- DNA-95865 Numbers are recognized as emojis
- DNA-95866 Change Yat text in selection popup
- DNA-95867 Show that buttons are clickable in selection popup
- The update to chromium 94.0.4606.71 fixes following issues:
CVE-2021-37974, CVE-2021-37975, CVE-2021-37976
- Update to version 80.0.4170.16
- CHR-8590 Update chromium on desktop-stable-94-4170
to 94.0.4606.61
- DNA-95347 Make InstallerStep::Run async
- DNA-95420 First suggestion in address field is often not
highlighted
- DNA-95613 Browser closing itself after closing SD/first tab
and last opened tab
- DNA-95725 Promote O80 to stable
- DNA-95781 Import fixes for CVE-2021-37975, CVE-2021-37976 and
CVE-2021-37974 to desktop-stable-94-4170
- Complete Opera 80.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-80/
- Drop Provides/Obsoletes for opera-gtk and opera-kde4
opera-gtk and opera-kde4 were last used in openSUSE 13.1
- Drop post/postun for desktop_database_post and
icon_theme_cache_post because were last used before
openSUSE 15.0
- Update to version 79.0.4143.72
- DNA-94933 Add emoji panel to address bar
- DNA-95210 Add emoji YAT address bar suggestions
- DNA-95221 Emoji button stuck in address bar
- DNA-95325 Make y.at navigations to be reported with page_views
events
- DNA-95327 Add “Emojis” context menu option in address bar field
- DNA-95339 Add YAT emoji url suggestion to search© dialog
- DNA-95364 Add browser feature flag
- DNA-95416 Remove emoji button from address bar
- DNA-95439 Enable #yat-emoji-addresses on developer stream
- DNA-95441 [Mac big sur] Emoji are not shown in address bar url
- DNA-95445 Crash when removing unsynced pinboard bookmark with
sync enabled
- DNA-95512 Allow to show title and timer for simple banners
- DNA-95516 Wrong label in settings for themes
- DNA-95679 Temporarily disable AB test for a new autoupdater
logic
- Update to version 79.0.4143.50
- CHR-8571 Update chromium on desktop-stable-93-4143
to 93.0.4577.82
- DNA-94104 ContinueShoppingOnEbayBrowserTest.ShouldDisplayOffers
TilesStartingWithMostActiveOnes fails
- DNA-94894 [Rich Hint] Agent API permissions
- DNA-94989 Wrong color and appearance of subpages in the settings
- DNA-95241 “Switch to tab” button is visible only on hover
- DNA-95286 Add unit tests to pinboard sync related logic in browser
- DNA-95372 [Mac retina screen] Snapshot doesnt capture cropped area
- DNA-95526 Some webstore extensions are not verified properly
- The update to chromium 93.0.4577.82 fixes following issues:
CVE-2021-30625, CVE-2021-30626, CVE-2021-30627, CVE-2021-30628,
CVE-2021-30629, CVE-2021-30630, CVE-2021-30631, CVE-2021-30632,
CVE-2021-30633
- Update to version 79.0.4143.22
- CHR-8550 Update chromium on desktop-stable-93-4143 to
93.0.4577.58
- CHR-8557 Update chromium on desktop-stable-93-4143 to
93.0.4577.63
- DNA-94641 [Linux] Proprietary media codecs not working in
snap builds
- DNA-95076 [Linux] Page crash with media content
- DNA-95084 [Mac] Cannot quit through menu with snapshot
editor open
- DNA-95138 Add setting to synchronize Pinboards
- DNA-95157 Crash at -[OperaCrApplication sendEvent:]
- DNA-95204 Opera 79 translations
- DNA-95240 The pinboard thumbnail cannot be generated anymore
- DNA-95278 Existing Pinboards might be missing
- DNA-95292 Enable #bookmarks-trash-cleaner on all streams
- DNA-95293 Enable #easy-files-downloads-folder on all streams
- DNA-95383 Promote O79 to stable
- Complete Opera 79.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-79/
- The update to chromium 93.0.4577.58 fixes following issues:
CVE-2021-30606, CVE-2021-30607, CVE-2021-30608, CVE-2021-30609,
CVE-2021-30610, CVE-2021-30611, CVE-2021-30612, CVE-2021-30613,
CVE-2021-30614, CVE-2021-30615, CVE-2021-30616, CVE-2021-30617,
CVE-2021-30618, CVE-2021-30619, CVE-2021-30620, CVE-2021-30621,
CVE-2021-30622, CVE-2021-30623, CVE-2021-30624
- Update to version 78.0.4093.184
- CHR-8533 Update chromium on desktop-stable-92-4093 to
92.0.4515.159
- DNA-93472 Reattaching to other browsers
- DNA-93741 Multiple hint slots
- DNA-93742 Allow displaying unobtrusive external hints
- DNA-93744 Add slots in toolbar action view
- DNA-94230 Improve text contrast for Speed Dials
- DNA-94724 [Mac] Add macOS dark theme wallpaper with easy setup
- DNA-94786 Crash at base::SupportsUserData::
SetUserData(void const*, std::__1::unique_ptr)
- DNA-94807 Allow scripts access opera version and product info
- DNA-94862 Continue on shopping Amazon doesn’t work correct
- DNA-94870 Add an addonsPrivate function to install with
permissions dialog first
- DNA-95064 Revert DNA-93714 on stable
- The update to chromium 92.0.4515.159 fixes following issues:
CVE-2021-30598, CVE-2021-30599, CVE-2021-30600, CVE-2021-30601,
CVE-2021-30602, CVE-2021-30603, CVE-2021-30604
- Update to version 78.0.4093.147
- CHR-8251 Update chromium on desktop-stable-92-4093
to 92.0.4515.131
- DNA-93036 Opera not starting after closing window.
Processes still working.
- DNA-94516 Add ‘Detach tab’ entry to tab menu
- DNA-94584 [Mac] Sidebar setup not closed after press
‘Add extensions’ button
- DNA-94761 Crash when trying to record “Chrome developer” trace
- DNA-94790 Crash at opera::VideoConferenceTabDetachController::
OnBrowserAboutToStartClosing(Browser*)
- The update to chromium 92.0.4515.131 fixes following issues:
CVE-2021-30590, CVE-2021-30591, CVE-2021-30592, CVE-2021-30593,
CVE-2021-30594, CVE-2021-30596, CVE-2021-30597
- Update to version 78.0.4093.112
- DNA-94466 Implement sorting Pinboards in overview
- DNA-94582 Add access to APIs for showing pinboard icon in
sidebar
- DNA-94603 Suspicious pinboards events
- DNA-94625 Disable opr.pinboardPrivate.getThumbnail() for
local files
- DNA-94640 Promote O78 to stable
- DNA-94661 Missing translations for some languages
- Complete Opera 78.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-78/
- Update to version 77.0.4054.277
- CHR-8502 Update chromium on desktop-stable-91-4054 to
91.0.4472.164
- DNA-94291 Video conference popout doesnt remember its size
after resizing
- DNA-94399 Incorrect icon for wp.pl in address bar dropdown
- DNA-94462 Low quality of default wallpaper on windows
- The update to chromium 91.0.4472.164 fixes following issues:
CVE-2021-30541, CVE-2021-30560, CVE-2021-30561, CVE-2021-30562,
CVE-2021-30563, CVE-2021-30564
- Update to version 77.0.4054.254
- DNA-92344 Windows 10 Implementation
- DNA-92486 Replace ⓧ icon with “settings” icon
- DNA-92487 Close individual item
- DNA-92496 Create separate entry in settings for BABE
- DNA-93275 Implement cycles size according to design
- DNA-93280 The system theme has only half a checkmark
- DNA-93728 Whatsapp notification is not refreshed
- DNA-94047 Remove pinboard WebUI integration
- DNA-94118 Write test for ThumbnailTabHelper changes in DNA-94100
- DNA-94120 Fix Welcome popup layout
- DNA-94140 Crash at base::TaskRunner
::PostTask(base::Location const&, base::OnceCallback)
- DNA-94205 Consider setting pinboard display URL in
address_field_helper.cc
- DNA-94211 Easy Files don’t show thumbnails
- DNA-94309 Pinboards URLs don’t get lighter color treatment
- DNA-94318 Wrong ‘Transparency’ word translation in Swedish
- DNA-94321 AB test: google suggestions on top – bigger test
- DNA-94341 Make pinboard popup testable on web page
- DNA-94381 Disabling Pinboards doesn’t remove item from
menu / sidebar
- DNA-94392 Add u2f-devices interface to snap packages
- DNA-94461 Enable #system-theme on all streams
- Update to version 77.0.4054.203
- CHR-8475 Update chromium on desktop-stable-91-4054 to
91.0.4472.124
- DNA-93523 Crash at extensions::TabHelper::WebContentsDestroyed()
- DNA-93917 Upload snap to edge while preparing repository package
- DNA-94157 Crash at gfx::ICCProfile::operator=(gfx::ICCProfile const&)
- DNA-94159 Crash at opera::auth::AuthAccountServiceImpl::GetAuthAccount()
- DNA-94161 [Add tabs]Unexpected symbols instead of Workspace name
- DNA-94241 Implement better process killing for timeout
- DNA-94248 Allow retry on tests that timed-out
- DNA-94251 heap-use-after-free in VideoConference
- DNA-94315 Crash at class std::__1::basic_string ui::ResourceBundle::
LoadLocaleResources(const class std::__1::basic_string& const, bool)
- DNA-94357 Fix issue in scripts
- Update to version 77.0.4054.172
- DNA-93078 Do not display ‘share tab’ sliding toolbar on
detached tab
- DNA-93358 The red underline extends beyond the Google meets
conference tab outline
- DNA-93404 Crash in test when destroying BABE’s webcontents
- DNA-93637 ctrl+9 shortcut is inconsistent with other browsers
- DNA-93661 Add opauto test to cover new shortcut from DNA-93637
- DNA-93867 Use version from package instead of repository
- DNA-93993 Pinboard translations from Master
- DNA-94099 Increase new-autoupdater-logic AB test to cover
50% of new installations
- DNA-94100 Thumbnail doesn’t update
- DNA-94178 Automatic popout should not happen after manually
closing a popout
- Update to version 77.0.4054.146
- CHR-8458 Update chromium on desktop-stable-91-4054 to
91.0.4472.114
- DNA-92171 Create active linkdiscovery service
- DNA-92388 Fix and unskip
WorkspacesEmoji.testChooseEmojiAsWorkspaceIcon when possible
- DNA-93101 Tabs are being snoozed when tab snoozing is disabled
- DNA-93386 Update pinboard view when item changes
- DNA-93448 Make browser ready for Developer release
- DNA-93491 Fix failing tests after enabling #pinboard flag
- DNA-93498 Add additional music services
- DNA-93503 Blank popup on clicking toolbar icon with popup open
- DNA-93561 Do not allow zoom different from 100% in Pinboard popup
- DNA-93637 ctrl+9 shortcut is inconsistent with other browsers
- DNA-93644 Create route for `import open tabs` to `pinboard`
- DNA-93664 Adapt popup to design
- DNA-93702 Turn on flags on developer
- DNA-93737 [Pinboard] Remove Mock API
- DNA-93745 Unable to open the popup after opening it several times
- DNA-93776 Popup closes and reopens when clicking the toolbar button
- DNA-93786 DCHECK after opening popup
- DNA-93802 Crash at views::Widget::GetNativeView() const
- DNA-93810 Add pinboard icon to sidebar
- DNA-93825 Add pinboard to Opera menu
- DNA-93833 [Player] Implement seeking for new services
- DNA-93845 Do not log output of snapcraft on console
- DNA-93864 Create feature flag for start page sync banner
- DNA-93865 Implement start page banner
- DNA-93867 Use version from package instead of repository
- DNA-93878 [Player] Crash when current player service becomes
unavailable when user location changes
- DNA-93953 ‘Send image to Pinboard’ has the wrong position
in the context menu
- DNA-93987 Disable zooming popup contents like in other popups
- DNA-93989 Change internal URL to opera://pinboards
- DNA-93990 Update strings to reflect new standards
- DNA-93992 Add Pinboards to Opera settings
- DNA-93993 Pinboard translations from Master
- DNA-94011 Enable feature flags for Reborn 5 on stable
- DNA-94019 Add a direct link to settings
- DNA-94088 Internal pages provoke not saving other pages to
the Pinboard
- DNA-94111 [O77] Sidebar setup does not open
- DNA-94139 Crash at
opera::(anonymous namespace)::PinboardPopupWebView::RemovedFromWidget()
- The update to chromium 91.0.4472.114 fixes following issues:
CVE-2021-30554, CVE-2021-30555, CVE-2021-30556, CVE-2021-30557
- Update to version 77.0.4054.90
- CHR-8446 Update chromium on desktop-stable-91-4054 to
91.0.4472.101
- The update to chromium 91.0.4472.101 fixes following issues:
CVE-2021-30544, CVE-2021-30545, CVE-2021-30546, CVE-2021-30547,
CVE-2021-30548, CVE-2021-30549, CVE-2021-30550, CVE-2021-30551,
CVE-2021-30552, CVE-2021-30553
- Update to version 77.0.4054.80
- DNA-93656 Active cards in checkout Auto-fill
- DNA-93805 Create snap packages in buildsign
- DNA-93823 archive_opera_snap failures on Linux
- DNA-93844 Fix AttributeError in package_type.py
- Update to version 77.0.4054.64
- DNA-93159 Implement image(preview) of each created pinboard
- DNA-93273 ‘Send image to Pinboard’ doesn’t work correct on
staging server
- DNA-93277 Add/update opauto tests for the System Theme WP1
implementation p.1
- DNA-93286 [BigSur] YT not being reloaded when opened from link
- DNA-93296 Opera 77 translations
- DNA-93372 Build new edition for Axel Springer
- DNA-93376 Write unittests for PinboardImageCollector
- DNA-93401 [LastCard] Do not change user state if not needed
- DNA-93409 Animation with hat and glasses is missing in
Private mode
- DNA-93443 API opr.pinboardPrivate.getThumbnail() returns
old thumbnail image
- DNA-93509 Add Opera switch for pinboard staging backend
and use it for tests
- DNA-93519 [Sidebar] WhatsApp ‘Log out’ doesn’t work
- DNA-93634 Fix errors in Slovak translations
- DNA-93724 Some webstore extensions are not verified properly
- Complete Opera 77.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-77/
- Update to version 76.0.4017.177
- DNA-92597 Sound controller doesn’t work after pressing
‘Next’ button
- DNA-93405 Import vmp_signer instead of starting new python
process
- DNA-93406 [Mac] Import plist_util instead of calling script
in _generateAppEntitlements
- DNA-93442 Make GX Control panel attachable by webdriver
- DNA-93554 [AdBlock] Find a fix for blocking ‘new’ YouTube ads
- DNA-93587 Pre-refactor solution
- Update to version 76.0.4017.154
- CHR-8420 Update chromium on desktop-stable-90-4017 to
90.0.4430.212
- DNA-92411 Bookmarks breadcrumbs wrong color when pressed in
dark mode
- DNA-92587 Sync settings: “Use old password” button doesn’t work
- DNA-92672 Make it possible for agent to inject scripts into
startpage
- DNA-92712 Add SD reload API
- DNA-93190 The bookmark can’t be opened in Workspace 5-6
- DNA-93247 Reopen last closed tab shortcut opens random tab on
new window
- DNA-93294 Binary diff for opera_browser.dll is not created on
32-bit builds
- DNA-93313 Add opauto test to cover DNA-93190
- DNA-93368 Fix an error in Polish translation
- DNA-93408 [Windows] widevine_cdm_component_installer does not
compile on desktop-stable-90-4017
- The update to chromium 90.0.4430.212 fixes following issues:
CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509,
CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513,
CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517,
CVE-2021-30518, CVE-2021-30519, CVE-2021-30520
Patchnames
openSUSE-2022-110
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for opera", title: "Title of the patch", }, { category: "description", text: "This update for opera fixes the following issues:\n\nUpdate to 85.0.4341.28\n\n - CHR-8816 Update chromium on desktop-stable-99-4341\n to 99.0.4844.84\n - DNA-98092 Crash at views::MenuItemView::GetMenuController()\n - DNA-98278 Translations for O85\n - DNA-98320 [Mac] Unable to delete recent search entries\n - DNA-98614 Show recent searches for non-BABE users\n - DNA-98615 Allow removal of recent searches\n - DNA-98616 Add recent searches to ‘old’ BABE\n - DNA-98617 Make it possible to disable ad-blocker per-country\n - DNA-98651 Remove Instagram and Facebook Messenger in Russia\n - DNA-98653 Add flag #recent-searches\n - DNA-98696 smoketest \n PageInfoHistoryDataSourceTest.FormatTimestampString failing\n - DNA-98703 Port Chromium issue 1309225 to Opera Stable\n\n- The update to chromium 99.0.4844.84 fixes following issues: \n CVE-2022-1096\n- Changes in 85.0.4341.18\n\n - CHR-8789 Update chromium on desktop-stable-99-4341 to\n 99.0.4844.51\n - DNA-98059 [Linux] Crash at\n opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled\n - DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get()\n - DNA-98126 System crash dialog shown on macOS <= 10.15\n - DNA-98331 [Snap] Meme generator cropping / resizing broken\n - DNA-98394 Audio tab indicator set to 'muted' on\n videoconferencing sites\n - DNA-98481 Report errors in opauto_collector\n- The update to chromium 99.0.4844.51 fixes following issues:\n CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792,\n CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796,\n CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800,\n CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804,\n CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808,\n CVE-2022-0809\n\n- Changes in 85.0.4341.13\n\n - DNA-94119 Upgrade curl to 7.81.0\n - DNA-97849 [Mac monterey] System shortcut interfere with\n Opera’s `ToggleSearchInOpenTabs` shortcut\n - DNA-98204 Automatic popout happens when video is paused\n - DNA-98231 Shortcuts are blocked by displayed tab tooltip\n when triggered quickly after tooltip appears\n - DNA-98321 Add thinlto-cache warnings to suppression list\n - DNA-98395 Promote O85 to stable\n\n- Complete Opera 85.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-85/\n\n- Update to 84.0.4316.42\n\n - DNA-94119 Upgrade curl to 7.81.0\n - DNA-98092 Crash at views::MenuItemView::GetMenuController()\n - DNA-98204 Automatic popout happens when video is paused\n - DNA-98231 Shortcuts are blocked by displayed tab tooltip when\n triggered quickly after tooltip appears\n\n- Update to 84.0.4316.31\n - CHR-8772 Update chromium on desktop-stable-98-4316 to\n 98.0.4758.109\n - DNA-97573 [Win][Lin]”Close tab” button is not displayed on tabs\n playing media when many tabs are open\n - DNA-97729 cancelling the process uploading custom Wallpaper\n crashes the browser\n - DNA-97871 Google meet tab’s icons don’t fit on pinned tab\n - DNA-97872 Tab is being unpinned when video conferencing\n button is clicked\n - DNA-98039 Dark theme top sites have black background\n - DNA-98117 Clicking current tab information should hide tooltip\n\n- Update to 84.0.4316.21\n - CHR-8762 Update chromium on desktop-stable-98-4316 to\n 98.0.4758.102\n - DNA-97333 ‘Add a site’ label on start page tile barely visible\n - DNA-97691 Opera 84 translations\n - DNA-97767 Wrong string in FR\n - DNA-97855 Crash at\n ScopedProfileKeepAlive::~ScopedProfileKeepAlive()\n - DNA-97982 Enable #snap-upstream-implementation on all streams\n- The update to chromium 98.0.4758.102 fixes following issues:\n CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606, \n CVE-2022-0607, CVE-2022-0608, CVE-2022-0609, CVE-2022-0610\n\n- Update to 84.0.4316.14\n - CHR-8753 Update chromium on desktop-stable-98-4316 to\n 98.0.4758.82\n - DNA-97177 Battery saver – the icon looks bad for DPI!=100%\n - DNA-97614 automatic video pop-out for most popular websites\n broadcasting Winter Olympic Games 2022\n - DNA-97804 Promote O84 to stable\n- The update to chromium 98.0.4758.82 fixes following issues:\n CVE-2022-0452, CVE-2022-0453, CVE-2022-0454, CVE-2022-0455,\n CVE-2022-0456, CVE-2022-0457, CVE-2022-0458, CVE-2022-0459,\n CVE-2022-0460, CVE-2022-0461, CVE-2022-0462, CVE-2022-0463,\n CVE-2022-0464, CVE-2022-0465, CVE-2022-0466, CVE-2022-0467,\n CVE-2022-0468, CVE-2022-0469, CVE-2022-0470\n- Complete Opera 84.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-84/\n\n- Update to 83.0.4254.54\n - DNA-96581 Fast tab tooltip doesn’t always show related sites\n with scrollable tab strip\n - DNA-96608 Cannot drag a tab to create a new window\n - DNA-96657 Do not make tab tooltip hoverable if there’s no\n list of tabs\n - DNA-97291 Crash at \n opera::flow::FlowSessionImpl::RegisterDevice(base::OnceCallback)\n - DNA-97468 Incorrect number of restored tabs when video-popout\n is detached\n - DNA-97476 Add retry to stapling during signing\n - DNA-97609 Failing MetricsReporterTest.TimeSpent* smoketests\n\n- Update to 83.0.4254.27\n - CHR-8737 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.99\n - DNA-96336 [Mac] Translate new network installer slogan\n - DNA-96678 Add battery level monitoring capability to\n powerSavePrivate\n - DNA-96939 Crash at \n opera::ExternalVideoService::MarkAsManuallyClosed()\n - DNA-97276 Enable #static-tab-audio-indicator on all streams\n- The update to chromium 97.0.4692.99 fixes following issues:\n CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292,\n CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296,\n CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301,\n CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306,\n CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310,\n CVE-2022-0311\n\n- Update to 83.0.4254.19\n - DNA-96079 Turn on #automatic-video-popout on developer\n - DNA-97070 Opera 83 translations\n - DNA-97119 [LastCard] Stop showing used burner cards\n - DNA-97131 Enable automatic-video-popout on all streams from\n O84 on\n - DNA-97257 Crash at \n views::ImageButton::SetMinimumImageSize(gfx::Size const&)\n - DNA-97259 Promote O83 to stable\n- Complete Opera 83.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-83/\n- Update to 83.0.4254.16\n - DNA-96968 Fix alignment of the 'Advanced' button in Settings\n- Update to 83.0.4254.14\n - CHR-8701 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.45\n - CHR-8713 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.56\n - CHR-8723 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.71\n - DNA-96780 Crash at\n ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)\n - DNA-96822 Tab close resize behavior change\n - DNA-96861 Create Loomi Options menu\n - DNA-96904 Support Win11 snap layout popup\n - DNA-96951 Tab close animation broken\n - DNA-96991 Tab X button doesn’t work correctly\n - DNA-97027 Incorrect tab size after tab close\n- The update to chromium 97.0.4692.71 fixes following issues:\n CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099,\n CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103,\n CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106,\n CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110,\n CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113,\n CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117,\n CVE-2022-0118, CVE-2022-0120\n\n- Update to version 82.0.4227.58\n - DNA-96780 Crash at\n ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)\n - DNA-96890 Settings default browser not working for current\n user on Windows 7\n\n- Update to version 82.0.4227.43\n - CHR-8705 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.110\n - DNA-93284 Unstable\n obj/opera/desktop/common/installer_rc_generated/installer.res\n - DNA-95908 Interstitial/internal pages shown as NOT SECURE\n after visiting http site\n - DNA-96404 Opera doesn’t show on main screen when second screen\n is abruptly disconnected\n- The update to chromium 96.0.4664.110 fixes following issues:\n CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101,\n CVE-2021-4102\n\n- Update to version 82.0.4227.33\n - CHR-8689 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.93\n - DNA-96559 Tooltip popup looks bad in dark theme\n - DNA-96570 [Player] Tidal logging in via PLAY doesn’t work\n - DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks\n - DNA-96649 Update Meme button\n - DNA-96676 Add Icon in the Sidebar Setup\n - DNA-96677 Add default URL\n- The update to chromium 96.0.4664.93 fixes following issues:\n CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054,\n CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057,\n CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062,\n CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066,\n CVE-2021-4067, CVE-2021-4068\n\n- Update to version 82.0.4227.23\n - DNA-95632 With new au-logic UUID is set with delay and may be\n not set for pb-builds (when closing fast)\n - DNA-96349 Laggy tooltip animation\n - DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap\n version for Opera 82\n - DNA-96493 Create 'small' enticement in credit card autofill\n - DNA-96533 Opera 82 translations\n - DNA-96535 Make the URL configurable\n - DNA-96553 Add switch to whitelist test pages\n - DNA-96557 Links not opened from panel\n - DNA-96558 AdBlock bloks some trackers inside the panel\n - DNA-96568 [Player] Tidal in sidebar Player opens wrong site\n when logging in\n - DNA-96659 Siteprefs not applied after network service crash\n - DNA-96593 Promote O82 to stable\n- Complete Opera 82.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-82/\n- Update to version 82.0.4227.13\n - CHR-8668 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.45\n - DNA-76987 [Mac] Update desktop EULA with geolocation split\n - DNA-93388 Problem with symlinks on windows when creating\n file list\n - DNA-95734 Discarded Recently Closed items get revived\n after restart\n - DNA-96134 'Your profile has been updated' does not disappear\n - DNA-96190 Opera freezes when trying to drag expanded\n bookmark folder with nested subfolders\n - DNA-96223 Easy Files not working in Full Screen\n - DNA-96274 Checkout autofill shouldn't show used burner card\n - DNA-96275 Change the notification message for pausing\n multi-use cards\n - DNA-96295 'Video pop out' setting doesn't sync\n - DNA-96316 Highlight text wrong colour on dark mode\n - DNA-96326 Wrong translation Private Mode > Turkish\n - DNA-96351 macOS window controls are missing in full screen\n - DNA-96440 Update video URL\n - DNA-96448 add option to pin extension via rich hints\n - DNA-96453 Register user-chosen option on client-side, read on\n hint side\n - DNA-96454 Choosing an option from the settings menu should\n close the popup\n - DNA-96484 Enable AB test for a new autoupdater logic (for 50%)\n - DNA-96500 Add 'don't show me again' prefs to allowed whitelist\n - DNA-96538 Inline audiocomplete for www.mediaexpert.pl\n incorrectly suggested\n- The update to chromium 96.0.4664.45 fixes following issues:\n CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008,\n CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012,\n CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016,\n CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021,\n CVE-2021-38022\n \n\n- Update to version 81.0.4196.54\n - CHR-8644 Update chromium on desktop-stable-95-4196 to\n 95.0.4638.69\n - DNA-95773 ExtensionWebRequestApiTest crashes on mac\n - DNA-96062 Opera 81 translations\n - DNA-96134 “Your profile has been updated’ does not disappear\n - DNA-96274 Checkout autofill shouldn’t show used burner card\n - DNA-96275 Change the notification message for pausing\n multi-use cards\n - DNA-96440 Update video URL\n- The update to chromium 95.0.4638.69 fixes following issues:\n CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980,\n CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004 \n- Update to version 81.0.4196.37\n - DNA-96008 Crash at\n content::WebContentsImpl::OpenURL(content::OpenURLParams const&)\n - DNA-96032 Closing the videoconference pop-up force leaving\n the meeting\n - DNA-96092 Crash at void\n opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result)\n - DNA-96142 [Yat] Emoji icon cut off in URL for Yat\n\n- Update to version 81.0.4196.31\n - DNA-95733 Implement the “Manage” menu in card details view\n - DNA-95736 Update UI for paused card\n - DNA-95791 Crash at base::operator<\n - DNA-95794 Sometimes the sidebar UI fails to load\n - DNA-95812 Retrieve cards info when showing autofill\n - DNA-96035 Cannot create virtual card on Sandbox environment\n - DNA-96147 “Buy” button does not work\n - DNA-96168 Update contributors list\n - DNA-96211 Enable #fast-tab-tooltip on all streams\n - DNA-96231 Promote O81 to stable\n- Complete Opera 80.1 changelog at:\n https://blogs.opera.com/desktop/changelog-for-81/\n- Update to version 81.0.4196.27\n - CHR-8623 Update chromium on desktop-stable-95-4196 to\n 95.0.4638.54\n - DNA-92384 Better segmenting of hint users\n - DNA-95523 Allow sorting in multi-card view\n - DNA-95659 Flow of Lastcard on first login\n - DNA-95735 Implement the button that reveals full card\n details\n - DNA-95747 Better way to handle expired funding card\n - DNA-95949 [Mac Retina] Clicking active tab should scroll\n to the top\n - DNA-95993 Update icon used for Yat in address bar dropdown\n - DNA-96021 Cleared download item view is never deleted\n - DNA-96036 Occupation field in 'Account – Edit' is shown\n twice\n - DNA-96127 Upgrade plan button does nothing\n - DNA-96138 'Add Card' button does not change to\n 'Upgrade Plan' after adding card\n- The update to chromium 95.0.4638.54 fixes following issues:\n CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984,\n CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988,\n CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992,\n CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996\n\n- Update to version 80.0.4170.72\n - DNA-95522 Change card view to show all types of cards\n - DNA-95523 Allow sorting in multi-card view\n - DNA-95524 Allow searching for cards by name\n - DNA-95658 Allow user to add a card\n - DNA-95659 Flow of Lastcard on first login\n - DNA-95660 Implement editing card details\n - DNA-95699 Add card details view\n - DNA-95733 Implement the “Manage” menu in card details view\n - DNA-95735 Implement the button that reveals full card details\n - DNA-95736 Update UI for paused card\n - DNA-95747 Better way to handle expired funding card\n - DNA-95794 Sometimes the sidebar UI fails to load\n - DNA-95812 Retrieve cards info when showing autofill\n - DNA-96036 Occupation field in ‘Account – Edit’ is shown twice\n - DNA-96127 Upgrade plan button does nothing\n - DNA-96138 “Add Card” button does not change to “Upgrade Plan”\n after adding card\n\n- Update to version 80.0.4170.63\n - CHR-8612 Update chromium on desktop-stable-94-4170 to\n 94.0.4606.81\n - DNA-95434 Crash at opera::ThemesService::UpdateCurrentTheme()\n- The update to chromium 94.0.4606.81 fixes following issues:\n CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980\n\n- Update to version 80.0.4170.40\n - CHR-8598 Update chromium on desktop-stable-94-4170 to\n 94.0.4606.71\n - DNA-95221 Emoji button stuck in address bar\n - DNA-95325 Make y.at navigations to be reported with\n page_views events\n - DNA-95327 Add “Emojis” context menu option in address\n bar field\n - DNA-95339 Add YAT emoji url suggestion to search© dialog\n - DNA-95416 Remove emoji button from address bar\n - DNA-95439 Enable #yat-emoji-addresses on developer stream\n - DNA-95441 [Mac big sur] Emoji are not shown in address\n bar url\n - DNA-95514 Crash at resource_coordinator::TabLifecycleUnitSource\n ::TabLifecycleUnit::OnLifecycleUnitStateChanged(mojom::\n LifecycleUnitState, mojom::LifecycleUnitStateChangeReason)\n - DNA-95746 Enable #reader-mode everywhere\n - DNA-95865 Numbers are recognized as emojis\n - DNA-95866 Change Yat text in selection popup\n - DNA-95867 Show that buttons are clickable in selection popup\n- The update to chromium 94.0.4606.71 fixes following issues: \n CVE-2021-37974, CVE-2021-37975, CVE-2021-37976\n\n- Update to version 80.0.4170.16\n - CHR-8590 Update chromium on desktop-stable-94-4170\n to 94.0.4606.61\n - DNA-95347 Make InstallerStep::Run async\n - DNA-95420 First suggestion in address field is often not\n highlighted\n - DNA-95613 Browser closing itself after closing SD/first tab\n and last opened tab\n - DNA-95725 Promote O80 to stable\n - DNA-95781 Import fixes for CVE-2021-37975, CVE-2021-37976 and\n CVE-2021-37974 to desktop-stable-94-4170\n- Complete Opera 80.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-80/\n- Drop Provides/Obsoletes for opera-gtk and opera-kde4\n opera-gtk and opera-kde4 were last used in openSUSE 13.1\n- Drop post/postun for desktop_database_post and\n icon_theme_cache_post because were last used before\n openSUSE 15.0\n\n- Update to version 79.0.4143.72\n - DNA-94933 Add emoji panel to address bar\n - DNA-95210 Add emoji YAT address bar suggestions\n - DNA-95221 Emoji button stuck in address bar\n - DNA-95325 Make y.at navigations to be reported with page_views\n events\n - DNA-95327 Add “Emojis” context menu option in address bar field\n - DNA-95339 Add YAT emoji url suggestion to search© dialog\n - DNA-95364 Add browser feature flag\n - DNA-95416 Remove emoji button from address bar\n - DNA-95439 Enable #yat-emoji-addresses on developer stream\n - DNA-95441 [Mac big sur] Emoji are not shown in address bar url\n - DNA-95445 Crash when removing unsynced pinboard bookmark with\n sync enabled\n - DNA-95512 Allow to show title and timer for simple banners\n - DNA-95516 Wrong label in settings for themes\n - DNA-95679 Temporarily disable AB test for a new autoupdater\n logic\n\n- Update to version 79.0.4143.50\n - CHR-8571 Update chromium on desktop-stable-93-4143\n to 93.0.4577.82\n - DNA-94104 ContinueShoppingOnEbayBrowserTest.ShouldDisplayOffers\n TilesStartingWithMostActiveOnes fails\n - DNA-94894 [Rich Hint] Agent API permissions\n - DNA-94989 Wrong color and appearance of subpages in the settings\n - DNA-95241 “Switch to tab” button is visible only on hover\n - DNA-95286 Add unit tests to pinboard sync related logic in browser\n - DNA-95372 [Mac retina screen] Snapshot doesnt capture cropped area\n - DNA-95526 Some webstore extensions are not verified properly\n- The update to chromium 93.0.4577.82 fixes following issues:\n CVE-2021-30625, CVE-2021-30626, CVE-2021-30627, CVE-2021-30628,\n CVE-2021-30629, CVE-2021-30630, CVE-2021-30631, CVE-2021-30632,\n CVE-2021-30633\n\n- Update to version 79.0.4143.22\n - CHR-8550 Update chromium on desktop-stable-93-4143 to\n 93.0.4577.58\n - CHR-8557 Update chromium on desktop-stable-93-4143 to\n 93.0.4577.63\n - DNA-94641 [Linux] Proprietary media codecs not working in\n snap builds\n - DNA-95076 [Linux] Page crash with media content\n - DNA-95084 [Mac] Cannot quit through menu with snapshot\n editor open\n - DNA-95138 Add setting to synchronize Pinboards\n - DNA-95157 Crash at -[OperaCrApplication sendEvent:]\n - DNA-95204 Opera 79 translations\n - DNA-95240 The pinboard thumbnail cannot be generated anymore\n - DNA-95278 Existing Pinboards might be missing\n - DNA-95292 Enable #bookmarks-trash-cleaner on all streams\n - DNA-95293 Enable #easy-files-downloads-folder on all streams\n - DNA-95383 Promote O79 to stable\n- Complete Opera 79.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-79/ \n- The update to chromium 93.0.4577.58 fixes following issues:\n CVE-2021-30606, CVE-2021-30607, CVE-2021-30608, CVE-2021-30609,\n CVE-2021-30610, CVE-2021-30611, CVE-2021-30612, CVE-2021-30613,\n CVE-2021-30614, CVE-2021-30615, CVE-2021-30616, CVE-2021-30617,\n CVE-2021-30618, CVE-2021-30619, CVE-2021-30620, CVE-2021-30621,\n CVE-2021-30622, CVE-2021-30623, CVE-2021-30624\n\n- Update to version 78.0.4093.184\n - CHR-8533 Update chromium on desktop-stable-92-4093 to\n 92.0.4515.159\n - DNA-93472 Reattaching to other browsers\n - DNA-93741 Multiple hint slots\n - DNA-93742 Allow displaying unobtrusive external hints\n - DNA-93744 Add slots in toolbar action view\n - DNA-94230 Improve text contrast for Speed Dials\n - DNA-94724 [Mac] Add macOS dark theme wallpaper with easy setup\n - DNA-94786 Crash at base::SupportsUserData::\n SetUserData(void const*, std::__1::unique_ptr)\n - DNA-94807 Allow scripts access opera version and product info\n - DNA-94862 Continue on shopping Amazon doesn’t work correct\n - DNA-94870 Add an addonsPrivate function to install with\n permissions dialog first\n - DNA-95064 Revert DNA-93714 on stable\n- The update to chromium 92.0.4515.159 fixes following issues: \n CVE-2021-30598, CVE-2021-30599, CVE-2021-30600, CVE-2021-30601,\n CVE-2021-30602, CVE-2021-30603, CVE-2021-30604\n \n\n- Update to version 78.0.4093.147\n - CHR-8251 Update chromium on desktop-stable-92-4093\n to 92.0.4515.131\n - DNA-93036 Opera not starting after closing window.\n Processes still working.\n - DNA-94516 Add ‘Detach tab’ entry to tab menu\n - DNA-94584 [Mac] Sidebar setup not closed after press\n ‘Add extensions’ button\n - DNA-94761 Crash when trying to record “Chrome developer” trace\n - DNA-94790 Crash at opera::VideoConferenceTabDetachController::\n OnBrowserAboutToStartClosing(Browser*)\n- The update to chromium 92.0.4515.131 fixes following issues:\n CVE-2021-30590, CVE-2021-30591, CVE-2021-30592, CVE-2021-30593,\n CVE-2021-30594, CVE-2021-30596, CVE-2021-30597\n\n- Update to version 78.0.4093.112\n - DNA-94466 Implement sorting Pinboards in overview\n - DNA-94582 Add access to APIs for showing pinboard icon in\n sidebar\n - DNA-94603 Suspicious pinboards events\n - DNA-94625 Disable opr.pinboardPrivate.getThumbnail() for\n local files\n - DNA-94640 Promote O78 to stable\n - DNA-94661 Missing translations for some languages\n- Complete Opera 78.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-78/ \n\n- Update to version 77.0.4054.277\n - CHR-8502 Update chromium on desktop-stable-91-4054 to\n 91.0.4472.164\n - DNA-94291 Video conference popout doesnt remember its size\n after resizing\n - DNA-94399 Incorrect icon for wp.pl in address bar dropdown\n - DNA-94462 Low quality of default wallpaper on windows\n- The update to chromium 91.0.4472.164 fixes following issues:\n CVE-2021-30541, CVE-2021-30560, CVE-2021-30561, CVE-2021-30562,\n CVE-2021-30563, CVE-2021-30564\n\n- Update to version 77.0.4054.254\n - DNA-92344 Windows 10 Implementation\n - DNA-92486 Replace ⓧ icon with “settings” icon\n - DNA-92487 Close individual item\n - DNA-92496 Create separate entry in settings for BABE\n - DNA-93275 Implement cycles size according to design\n - DNA-93280 The system theme has only half a checkmark\n - DNA-93728 Whatsapp notification is not refreshed\n - DNA-94047 Remove pinboard WebUI integration\n - DNA-94118 Write test for ThumbnailTabHelper changes in DNA-94100\n - DNA-94120 Fix Welcome popup layout\n - DNA-94140 Crash at base::TaskRunner\n ::PostTask(base::Location const&, base::OnceCallback)\n - DNA-94205 Consider setting pinboard display URL in\n address_field_helper.cc\n - DNA-94211 Easy Files don’t show thumbnails\n - DNA-94309 Pinboards URLs don’t get lighter color treatment\n - DNA-94318 Wrong ‘Transparency’ word translation in Swedish\n - DNA-94321 AB test: google suggestions on top – bigger test\n - DNA-94341 Make pinboard popup testable on web page\n - DNA-94381 Disabling Pinboards doesn’t remove item from\n menu / sidebar\n - DNA-94392 Add u2f-devices interface to snap packages\n - DNA-94461 Enable #system-theme on all streams\n\n- Update to version 77.0.4054.203\n - CHR-8475 Update chromium on desktop-stable-91-4054 to\n 91.0.4472.124\n - DNA-93523 Crash at extensions::TabHelper::WebContentsDestroyed()\n - DNA-93917 Upload snap to edge while preparing repository package\n - DNA-94157 Crash at gfx::ICCProfile::operator=(gfx::ICCProfile const&)\n - DNA-94159 Crash at opera::auth::AuthAccountServiceImpl::GetAuthAccount()\n - DNA-94161 [Add tabs]Unexpected symbols instead of Workspace name\n - DNA-94241 Implement better process killing for timeout\n - DNA-94248 Allow retry on tests that timed-out\n - DNA-94251 heap-use-after-free in VideoConference\n - DNA-94315 Crash at class std::__1::basic_string ui::ResourceBundle::\n LoadLocaleResources(const class std::__1::basic_string& const, bool)\n - DNA-94357 Fix issue in scripts\n\n- Update to version 77.0.4054.172\n - DNA-93078 Do not display ‘share tab’ sliding toolbar on\n detached tab\n - DNA-93358 The red underline extends beyond the Google meets\n conference tab outline\n - DNA-93404 Crash in test when destroying BABE’s webcontents\n - DNA-93637 ctrl+9 shortcut is inconsistent with other browsers\n - DNA-93661 Add opauto test to cover new shortcut from DNA-93637\n - DNA-93867 Use version from package instead of repository\n - DNA-93993 Pinboard translations from Master\n - DNA-94099 Increase new-autoupdater-logic AB test to cover\n 50% of new installations\n - DNA-94100 Thumbnail doesn’t update\n - DNA-94178 Automatic popout should not happen after manually\n closing a popout\n\n- Update to version 77.0.4054.146\n - CHR-8458 Update chromium on desktop-stable-91-4054 to\n 91.0.4472.114\n - DNA-92171 Create active linkdiscovery service\n - DNA-92388 Fix and unskip \n WorkspacesEmoji.testChooseEmojiAsWorkspaceIcon when possible\n - DNA-93101 Tabs are being snoozed when tab snoozing is disabled\n - DNA-93386 Update pinboard view when item changes\n - DNA-93448 Make browser ready for Developer release\n - DNA-93491 Fix failing tests after enabling #pinboard flag\n - DNA-93498 Add additional music services\n - DNA-93503 Blank popup on clicking toolbar icon with popup open\n - DNA-93561 Do not allow zoom different from 100% in Pinboard popup\n - DNA-93637 ctrl+9 shortcut is inconsistent with other browsers\n - DNA-93644 Create route for `import open tabs` to `pinboard`\n - DNA-93664 Adapt popup to design\n - DNA-93702 Turn on flags on developer\n - DNA-93737 [Pinboard] Remove Mock API\n - DNA-93745 Unable to open the popup after opening it several times\n - DNA-93776 Popup closes and reopens when clicking the toolbar button\n - DNA-93786 DCHECK after opening popup\n - DNA-93802 Crash at views::Widget::GetNativeView() const\n - DNA-93810 Add pinboard icon to sidebar\n - DNA-93825 Add pinboard to Opera menu\n - DNA-93833 [Player] Implement seeking for new services\n - DNA-93845 Do not log output of snapcraft on console\n - DNA-93864 Create feature flag for start page sync banner\n - DNA-93865 Implement start page banner\n - DNA-93867 Use version from package instead of repository\n - DNA-93878 [Player] Crash when current player service becomes\n unavailable when user location changes\n - DNA-93953 ‘Send image to Pinboard’ has the wrong position\n in the context menu\n - DNA-93987 Disable zooming popup contents like in other popups\n - DNA-93989 Change internal URL to opera://pinboards\n - DNA-93990 Update strings to reflect new standards\n - DNA-93992 Add Pinboards to Opera settings\n - DNA-93993 Pinboard translations from Master\n - DNA-94011 Enable feature flags for Reborn 5 on stable\n - DNA-94019 Add a direct link to settings\n - DNA-94088 Internal pages provoke not saving other pages to\n the Pinboard\n - DNA-94111 [O77] Sidebar setup does not open\n - DNA-94139 Crash at \n opera::(anonymous namespace)::PinboardPopupWebView::RemovedFromWidget()\n- The update to chromium 91.0.4472.114 fixes following issues:\n CVE-2021-30554, CVE-2021-30555, CVE-2021-30556, CVE-2021-30557\n\n- Update to version 77.0.4054.90\n - CHR-8446 Update chromium on desktop-stable-91-4054 to\n 91.0.4472.101\n- The update to chromium 91.0.4472.101 fixes following issues: \n CVE-2021-30544, CVE-2021-30545, CVE-2021-30546, CVE-2021-30547, \n CVE-2021-30548, CVE-2021-30549, CVE-2021-30550, CVE-2021-30551,\n CVE-2021-30552, CVE-2021-30553\n- Update to version 77.0.4054.80\n - DNA-93656 Active cards in checkout Auto-fill\n - DNA-93805 Create snap packages in buildsign\n - DNA-93823 archive_opera_snap failures on Linux\n - DNA-93844 Fix AttributeError in package_type.py\n \n\n- Update to version 77.0.4054.64\n - DNA-93159 Implement image(preview) of each created pinboard\n - DNA-93273 ‘Send image to Pinboard’ doesn’t work correct on\n staging server\n - DNA-93277 Add/update opauto tests for the System Theme WP1\n implementation p.1\n - DNA-93286 [BigSur] YT not being reloaded when opened from link\n - DNA-93296 Opera 77 translations\n - DNA-93372 Build new edition for Axel Springer\n - DNA-93376 Write unittests for PinboardImageCollector\n - DNA-93401 [LastCard] Do not change user state if not needed\n - DNA-93409 Animation with hat and glasses is missing in\n Private mode\n - DNA-93443 API opr.pinboardPrivate.getThumbnail() returns\n old thumbnail image\n - DNA-93509 Add Opera switch for pinboard staging backend\n and use it for tests\n - DNA-93519 [Sidebar] WhatsApp ‘Log out’ doesn’t work\n - DNA-93634 Fix errors in Slovak translations\n - DNA-93724 Some webstore extensions are not verified properly\n- Complete Opera 77.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-77/\n\n- Update to version 76.0.4017.177\n - DNA-92597 Sound controller doesn’t work after pressing\n ‘Next’ button\n - DNA-93405 Import vmp_signer instead of starting new python\n process\n - DNA-93406 [Mac] Import plist_util instead of calling script\n in _generateAppEntitlements\n - DNA-93442 Make GX Control panel attachable by webdriver\n - DNA-93554 [AdBlock] Find a fix for blocking ‘new’ YouTube ads\n - DNA-93587 Pre-refactor solution\n\n- Update to version 76.0.4017.154\n - CHR-8420 Update chromium on desktop-stable-90-4017 to\n 90.0.4430.212\n - DNA-92411 Bookmarks breadcrumbs wrong color when pressed in\n dark mode\n - DNA-92587 Sync settings: “Use old password” button doesn’t work\n - DNA-92672 Make it possible for agent to inject scripts into\n startpage\n - DNA-92712 Add SD reload API\n - DNA-93190 The bookmark can’t be opened in Workspace 5-6\n - DNA-93247 Reopen last closed tab shortcut opens random tab on\n new window\n - DNA-93294 Binary diff for opera_browser.dll is not created on\n 32-bit builds\n - DNA-93313 Add opauto test to cover DNA-93190\n - DNA-93368 Fix an error in Polish translation\n - DNA-93408 [Windows] widevine_cdm_component_installer does not\n compile on desktop-stable-90-4017\n- The update to chromium 90.0.4430.212 fixes following issues: \n CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509,\n CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513,\n CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517,\n CVE-2021-30518, CVE-2021-30519, CVE-2021-30520\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2022-110", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0110-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2022:0110-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZOJPFVCOKYO6YUMKBJPTCF74IGAYK5K4/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2022:0110-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZOJPFVCOKYO6YUMKBJPTCF74IGAYK5K4/", }, { category: "self", summary: "SUSE CVE CVE-2021-30506 page", url: "https://www.suse.com/security/cve/CVE-2021-30506/", }, { category: "self", summary: "SUSE CVE CVE-2021-30507 page", url: "https://www.suse.com/security/cve/CVE-2021-30507/", }, { category: "self", summary: "SUSE CVE CVE-2021-30508 page", url: "https://www.suse.com/security/cve/CVE-2021-30508/", }, { category: "self", summary: "SUSE CVE CVE-2021-30509 page", url: "https://www.suse.com/security/cve/CVE-2021-30509/", }, { category: "self", summary: "SUSE CVE CVE-2021-30510 page", url: "https://www.suse.com/security/cve/CVE-2021-30510/", }, { category: "self", summary: "SUSE CVE CVE-2021-30511 page", url: "https://www.suse.com/security/cve/CVE-2021-30511/", }, { category: "self", summary: "SUSE CVE CVE-2021-30512 page", url: "https://www.suse.com/security/cve/CVE-2021-30512/", }, { category: "self", summary: "SUSE CVE CVE-2021-30513 page", url: "https://www.suse.com/security/cve/CVE-2021-30513/", }, { category: "self", summary: "SUSE CVE CVE-2021-30514 page", url: "https://www.suse.com/security/cve/CVE-2021-30514/", }, { category: "self", summary: "SUSE CVE CVE-2021-30515 page", url: "https://www.suse.com/security/cve/CVE-2021-30515/", }, { category: "self", summary: "SUSE CVE CVE-2021-30516 page", url: "https://www.suse.com/security/cve/CVE-2021-30516/", }, { category: "self", summary: "SUSE CVE CVE-2021-30517 page", url: "https://www.suse.com/security/cve/CVE-2021-30517/", }, { category: "self", summary: "SUSE CVE CVE-2021-30518 page", url: "https://www.suse.com/security/cve/CVE-2021-30518/", }, { category: "self", summary: "SUSE CVE CVE-2021-30519 page", url: "https://www.suse.com/security/cve/CVE-2021-30519/", }, { category: "self", summary: "SUSE CVE CVE-2021-30520 page", url: "https://www.suse.com/security/cve/CVE-2021-30520/", }, { category: "self", summary: "SUSE CVE CVE-2021-30541 page", url: "https://www.suse.com/security/cve/CVE-2021-30541/", }, { category: "self", summary: "SUSE CVE CVE-2021-30544 page", url: "https://www.suse.com/security/cve/CVE-2021-30544/", }, { category: "self", summary: "SUSE CVE CVE-2021-30545 page", url: "https://www.suse.com/security/cve/CVE-2021-30545/", }, { category: "self", summary: "SUSE CVE CVE-2021-30546 page", url: "https://www.suse.com/security/cve/CVE-2021-30546/", }, { category: "self", summary: "SUSE CVE CVE-2021-30547 page", url: "https://www.suse.com/security/cve/CVE-2021-30547/", }, { category: "self", summary: "SUSE CVE CVE-2021-30548 page", url: "https://www.suse.com/security/cve/CVE-2021-30548/", }, { category: "self", summary: "SUSE CVE CVE-2021-30549 page", url: "https://www.suse.com/security/cve/CVE-2021-30549/", }, { category: "self", summary: "SUSE CVE CVE-2021-30550 page", url: "https://www.suse.com/security/cve/CVE-2021-30550/", }, { category: "self", summary: "SUSE CVE CVE-2021-30551 page", url: "https://www.suse.com/security/cve/CVE-2021-30551/", }, { category: "self", summary: "SUSE CVE CVE-2021-30552 page", url: "https://www.suse.com/security/cve/CVE-2021-30552/", }, { category: "self", summary: "SUSE CVE CVE-2021-30553 page", url: "https://www.suse.com/security/cve/CVE-2021-30553/", }, { category: "self", summary: "SUSE CVE CVE-2021-30554 page", url: "https://www.suse.com/security/cve/CVE-2021-30554/", }, { category: "self", summary: "SUSE CVE CVE-2021-30555 page", url: "https://www.suse.com/security/cve/CVE-2021-30555/", }, { category: "self", summary: "SUSE CVE CVE-2021-30556 page", url: "https://www.suse.com/security/cve/CVE-2021-30556/", }, { category: "self", summary: "SUSE CVE CVE-2021-30557 page", url: "https://www.suse.com/security/cve/CVE-2021-30557/", }, { category: "self", summary: "SUSE CVE CVE-2021-30560 page", url: "https://www.suse.com/security/cve/CVE-2021-30560/", }, { category: "self", summary: "SUSE CVE CVE-2021-30561 page", url: "https://www.suse.com/security/cve/CVE-2021-30561/", }, { category: "self", summary: "SUSE CVE CVE-2021-30562 page", url: "https://www.suse.com/security/cve/CVE-2021-30562/", }, { category: "self", summary: "SUSE CVE CVE-2021-30563 page", url: "https://www.suse.com/security/cve/CVE-2021-30563/", }, { category: "self", summary: "SUSE CVE CVE-2021-30564 page", url: "https://www.suse.com/security/cve/CVE-2021-30564/", }, { category: "self", summary: "SUSE CVE CVE-2021-30590 page", url: "https://www.suse.com/security/cve/CVE-2021-30590/", }, { category: "self", summary: "SUSE CVE CVE-2021-30591 page", url: "https://www.suse.com/security/cve/CVE-2021-30591/", }, { category: "self", summary: "SUSE CVE CVE-2021-30592 page", url: "https://www.suse.com/security/cve/CVE-2021-30592/", }, { category: "self", summary: "SUSE CVE CVE-2021-30593 page", url: "https://www.suse.com/security/cve/CVE-2021-30593/", }, { category: "self", summary: "SUSE CVE CVE-2021-30594 page", url: "https://www.suse.com/security/cve/CVE-2021-30594/", }, { category: "self", summary: "SUSE CVE CVE-2021-30596 page", url: "https://www.suse.com/security/cve/CVE-2021-30596/", }, { category: "self", summary: "SUSE CVE CVE-2021-30597 page", url: "https://www.suse.com/security/cve/CVE-2021-30597/", }, { category: "self", summary: "SUSE CVE CVE-2021-30598 page", url: "https://www.suse.com/security/cve/CVE-2021-30598/", }, { category: "self", summary: "SUSE CVE CVE-2021-30599 page", url: "https://www.suse.com/security/cve/CVE-2021-30599/", }, { category: "self", summary: "SUSE CVE CVE-2021-30600 page", url: "https://www.suse.com/security/cve/CVE-2021-30600/", }, { category: "self", summary: "SUSE CVE CVE-2021-30601 page", url: "https://www.suse.com/security/cve/CVE-2021-30601/", }, { category: "self", summary: "SUSE CVE CVE-2021-30602 page", url: "https://www.suse.com/security/cve/CVE-2021-30602/", }, { category: "self", summary: "SUSE CVE CVE-2021-30603 page", url: "https://www.suse.com/security/cve/CVE-2021-30603/", }, { category: "self", summary: "SUSE CVE CVE-2021-30604 page", url: "https://www.suse.com/security/cve/CVE-2021-30604/", }, { category: "self", summary: "SUSE CVE CVE-2021-30606 page", url: "https://www.suse.com/security/cve/CVE-2021-30606/", }, { category: "self", summary: "SUSE CVE CVE-2021-30607 page", url: "https://www.suse.com/security/cve/CVE-2021-30607/", }, { category: "self", summary: "SUSE CVE CVE-2021-30608 page", url: "https://www.suse.com/security/cve/CVE-2021-30608/", }, { category: "self", summary: "SUSE CVE CVE-2021-30609 page", url: "https://www.suse.com/security/cve/CVE-2021-30609/", }, { category: "self", summary: "SUSE CVE CVE-2021-30610 page", url: "https://www.suse.com/security/cve/CVE-2021-30610/", }, { category: "self", summary: "SUSE CVE CVE-2021-30611 page", url: "https://www.suse.com/security/cve/CVE-2021-30611/", }, { category: "self", summary: "SUSE CVE CVE-2021-30612 page", url: "https://www.suse.com/security/cve/CVE-2021-30612/", }, { category: "self", summary: "SUSE CVE CVE-2021-30613 page", url: "https://www.suse.com/security/cve/CVE-2021-30613/", }, { category: "self", summary: "SUSE CVE CVE-2021-30614 page", url: "https://www.suse.com/security/cve/CVE-2021-30614/", }, { category: "self", summary: "SUSE CVE CVE-2021-30615 page", url: "https://www.suse.com/security/cve/CVE-2021-30615/", }, { category: "self", summary: "SUSE CVE CVE-2021-30616 page", url: "https://www.suse.com/security/cve/CVE-2021-30616/", }, { category: "self", summary: "SUSE CVE CVE-2021-30617 page", url: "https://www.suse.com/security/cve/CVE-2021-30617/", }, { category: "self", summary: "SUSE CVE CVE-2021-30618 page", url: "https://www.suse.com/security/cve/CVE-2021-30618/", }, { category: "self", summary: "SUSE CVE CVE-2021-30619 page", url: "https://www.suse.com/security/cve/CVE-2021-30619/", }, { category: "self", summary: "SUSE CVE CVE-2021-30620 page", url: "https://www.suse.com/security/cve/CVE-2021-30620/", }, { category: "self", summary: "SUSE CVE CVE-2021-30621 page", url: "https://www.suse.com/security/cve/CVE-2021-30621/", }, { category: "self", summary: "SUSE CVE CVE-2021-30622 page", url: "https://www.suse.com/security/cve/CVE-2021-30622/", }, { category: "self", summary: "SUSE CVE CVE-2021-30623 page", url: "https://www.suse.com/security/cve/CVE-2021-30623/", }, { category: "self", summary: "SUSE CVE CVE-2021-30624 page", url: "https://www.suse.com/security/cve/CVE-2021-30624/", }, { category: "self", summary: "SUSE CVE CVE-2021-30625 page", url: "https://www.suse.com/security/cve/CVE-2021-30625/", }, { category: "self", summary: "SUSE CVE CVE-2021-30626 page", url: "https://www.suse.com/security/cve/CVE-2021-30626/", }, { category: "self", summary: "SUSE CVE CVE-2021-30627 page", url: "https://www.suse.com/security/cve/CVE-2021-30627/", }, { category: "self", summary: "SUSE CVE CVE-2021-30628 page", url: "https://www.suse.com/security/cve/CVE-2021-30628/", }, { category: "self", summary: "SUSE CVE CVE-2021-30629 page", url: "https://www.suse.com/security/cve/CVE-2021-30629/", }, { category: "self", summary: "SUSE CVE CVE-2021-30630 page", url: "https://www.suse.com/security/cve/CVE-2021-30630/", }, { category: "self", summary: "SUSE CVE CVE-2021-30631 page", url: "https://www.suse.com/security/cve/CVE-2021-30631/", }, { category: "self", summary: "SUSE CVE CVE-2021-30632 page", url: "https://www.suse.com/security/cve/CVE-2021-30632/", }, { category: "self", summary: "SUSE CVE CVE-2021-30633 page", url: "https://www.suse.com/security/cve/CVE-2021-30633/", }, { category: "self", summary: "SUSE CVE CVE-2021-37974 page", url: "https://www.suse.com/security/cve/CVE-2021-37974/", }, { category: "self", summary: "SUSE CVE CVE-2021-37975 page", url: "https://www.suse.com/security/cve/CVE-2021-37975/", }, { category: "self", summary: "SUSE CVE CVE-2021-37976 page", url: "https://www.suse.com/security/cve/CVE-2021-37976/", }, { category: "self", summary: "SUSE CVE CVE-2021-37977 page", url: "https://www.suse.com/security/cve/CVE-2021-37977/", }, { category: "self", summary: "SUSE CVE CVE-2021-37978 page", url: "https://www.suse.com/security/cve/CVE-2021-37978/", }, { category: "self", summary: "SUSE CVE CVE-2021-37979 page", url: "https://www.suse.com/security/cve/CVE-2021-37979/", }, { category: "self", summary: "SUSE CVE CVE-2021-37980 page", url: "https://www.suse.com/security/cve/CVE-2021-37980/", }, { category: "self", summary: "SUSE CVE CVE-2021-37981 page", url: "https://www.suse.com/security/cve/CVE-2021-37981/", }, { category: "self", summary: "SUSE CVE CVE-2021-37982 page", url: "https://www.suse.com/security/cve/CVE-2021-37982/", }, { category: "self", summary: "SUSE CVE CVE-2021-37983 page", url: "https://www.suse.com/security/cve/CVE-2021-37983/", }, { category: "self", summary: "SUSE CVE CVE-2021-37984 page", url: "https://www.suse.com/security/cve/CVE-2021-37984/", }, { category: "self", summary: "SUSE CVE CVE-2021-37985 page", url: "https://www.suse.com/security/cve/CVE-2021-37985/", }, { category: "self", summary: "SUSE CVE CVE-2021-37986 page", url: "https://www.suse.com/security/cve/CVE-2021-37986/", }, { category: "self", summary: "SUSE CVE CVE-2021-37987 page", url: "https://www.suse.com/security/cve/CVE-2021-37987/", }, { category: "self", summary: "SUSE CVE CVE-2021-37988 page", url: "https://www.suse.com/security/cve/CVE-2021-37988/", }, { category: "self", summary: "SUSE CVE CVE-2021-37989 page", url: "https://www.suse.com/security/cve/CVE-2021-37989/", }, { category: "self", summary: "SUSE CVE CVE-2021-37990 page", url: "https://www.suse.com/security/cve/CVE-2021-37990/", }, { category: "self", summary: "SUSE CVE CVE-2021-37991 page", url: "https://www.suse.com/security/cve/CVE-2021-37991/", }, { category: "self", summary: "SUSE CVE CVE-2021-37992 page", url: "https://www.suse.com/security/cve/CVE-2021-37992/", }, { category: "self", summary: "SUSE CVE CVE-2021-37993 page", url: "https://www.suse.com/security/cve/CVE-2021-37993/", }, { category: "self", summary: "SUSE CVE CVE-2021-37994 page", url: "https://www.suse.com/security/cve/CVE-2021-37994/", }, { category: "self", summary: "SUSE CVE CVE-2021-37995 page", url: "https://www.suse.com/security/cve/CVE-2021-37995/", }, { category: "self", summary: "SUSE CVE CVE-2021-37996 page", url: "https://www.suse.com/security/cve/CVE-2021-37996/", }, { category: "self", summary: "SUSE CVE CVE-2021-37997 page", url: "https://www.suse.com/security/cve/CVE-2021-37997/", }, { category: "self", summary: "SUSE CVE CVE-2021-37998 page", url: "https://www.suse.com/security/cve/CVE-2021-37998/", }, { category: "self", summary: "SUSE CVE CVE-2021-37999 page", url: "https://www.suse.com/security/cve/CVE-2021-37999/", }, { category: "self", summary: "SUSE CVE CVE-2021-38001 page", url: "https://www.suse.com/security/cve/CVE-2021-38001/", }, { category: "self", summary: "SUSE CVE CVE-2021-38002 page", url: "https://www.suse.com/security/cve/CVE-2021-38002/", }, { category: "self", summary: "SUSE CVE CVE-2021-38003 page", url: "https://www.suse.com/security/cve/CVE-2021-38003/", }, { category: "self", summary: "SUSE CVE CVE-2021-38004 page", url: "https://www.suse.com/security/cve/CVE-2021-38004/", }, { category: "self", summary: "SUSE CVE CVE-2021-38005 page", url: "https://www.suse.com/security/cve/CVE-2021-38005/", }, { category: "self", summary: "SUSE CVE CVE-2021-38006 page", url: "https://www.suse.com/security/cve/CVE-2021-38006/", }, { category: "self", summary: "SUSE CVE CVE-2021-38007 page", url: "https://www.suse.com/security/cve/CVE-2021-38007/", }, { category: "self", summary: "SUSE CVE CVE-2021-38008 page", url: "https://www.suse.com/security/cve/CVE-2021-38008/", }, { category: "self", summary: "SUSE CVE CVE-2021-38009 page", url: "https://www.suse.com/security/cve/CVE-2021-38009/", }, { category: "self", summary: "SUSE CVE CVE-2021-38010 page", url: "https://www.suse.com/security/cve/CVE-2021-38010/", }, { category: "self", summary: "SUSE CVE CVE-2021-38011 page", url: "https://www.suse.com/security/cve/CVE-2021-38011/", }, { category: "self", summary: "SUSE CVE CVE-2021-38012 page", url: "https://www.suse.com/security/cve/CVE-2021-38012/", }, { category: "self", summary: "SUSE CVE CVE-2021-38013 page", url: "https://www.suse.com/security/cve/CVE-2021-38013/", }, { category: "self", summary: "SUSE CVE CVE-2021-38014 page", url: "https://www.suse.com/security/cve/CVE-2021-38014/", }, { category: "self", summary: "SUSE CVE CVE-2021-38015 page", url: "https://www.suse.com/security/cve/CVE-2021-38015/", }, { category: "self", summary: "SUSE CVE CVE-2021-38016 page", url: "https://www.suse.com/security/cve/CVE-2021-38016/", }, { category: "self", summary: "SUSE CVE CVE-2021-38017 page", url: "https://www.suse.com/security/cve/CVE-2021-38017/", }, { category: "self", summary: "SUSE CVE CVE-2021-38019 page", url: "https://www.suse.com/security/cve/CVE-2021-38019/", }, { category: "self", summary: "SUSE CVE CVE-2021-38020 page", url: "https://www.suse.com/security/cve/CVE-2021-38020/", }, { category: "self", summary: "SUSE CVE CVE-2021-38021 page", url: "https://www.suse.com/security/cve/CVE-2021-38021/", }, { category: "self", summary: "SUSE CVE CVE-2021-38022 page", url: "https://www.suse.com/security/cve/CVE-2021-38022/", }, { category: "self", summary: "SUSE CVE CVE-2021-4052 page", url: "https://www.suse.com/security/cve/CVE-2021-4052/", }, { category: "self", summary: "SUSE CVE CVE-2021-4053 page", url: "https://www.suse.com/security/cve/CVE-2021-4053/", }, { category: "self", summary: "SUSE CVE CVE-2021-4054 page", url: "https://www.suse.com/security/cve/CVE-2021-4054/", }, { category: "self", summary: "SUSE CVE CVE-2021-4055 page", url: "https://www.suse.com/security/cve/CVE-2021-4055/", }, { category: "self", summary: "SUSE CVE CVE-2021-4056 page", url: "https://www.suse.com/security/cve/CVE-2021-4056/", }, { category: "self", summary: "SUSE CVE CVE-2021-4057 page", url: "https://www.suse.com/security/cve/CVE-2021-4057/", }, { category: "self", summary: "SUSE CVE CVE-2021-4058 page", url: "https://www.suse.com/security/cve/CVE-2021-4058/", }, { category: "self", summary: "SUSE CVE CVE-2021-4059 page", url: "https://www.suse.com/security/cve/CVE-2021-4059/", }, { category: "self", summary: "SUSE CVE CVE-2021-4061 page", url: "https://www.suse.com/security/cve/CVE-2021-4061/", }, { category: "self", summary: "SUSE CVE CVE-2021-4062 page", url: "https://www.suse.com/security/cve/CVE-2021-4062/", }, { category: "self", summary: "SUSE CVE CVE-2021-4063 page", url: "https://www.suse.com/security/cve/CVE-2021-4063/", }, { category: "self", summary: "SUSE CVE CVE-2021-4064 page", url: "https://www.suse.com/security/cve/CVE-2021-4064/", }, { category: "self", summary: "SUSE CVE CVE-2021-4065 page", url: "https://www.suse.com/security/cve/CVE-2021-4065/", }, { category: "self", summary: "SUSE CVE CVE-2021-4066 page", url: "https://www.suse.com/security/cve/CVE-2021-4066/", }, { category: "self", summary: "SUSE CVE CVE-2021-4067 page", url: "https://www.suse.com/security/cve/CVE-2021-4067/", }, { category: "self", summary: "SUSE CVE CVE-2021-4068 page", url: "https://www.suse.com/security/cve/CVE-2021-4068/", }, { category: "self", summary: "SUSE CVE CVE-2021-4078 page", url: "https://www.suse.com/security/cve/CVE-2021-4078/", }, { category: "self", summary: "SUSE CVE CVE-2021-4079 page", url: "https://www.suse.com/security/cve/CVE-2021-4079/", }, { category: "self", summary: "SUSE CVE CVE-2021-4098 page", url: "https://www.suse.com/security/cve/CVE-2021-4098/", }, { category: "self", summary: "SUSE CVE CVE-2021-4099 page", url: "https://www.suse.com/security/cve/CVE-2021-4099/", }, { category: "self", summary: "SUSE CVE CVE-2021-4100 page", url: "https://www.suse.com/security/cve/CVE-2021-4100/", }, { category: "self", summary: "SUSE CVE CVE-2021-4101 page", url: "https://www.suse.com/security/cve/CVE-2021-4101/", }, { category: "self", summary: "SUSE CVE CVE-2021-4102 page", url: "https://www.suse.com/security/cve/CVE-2021-4102/", }, { category: "self", summary: "SUSE CVE CVE-2022-0096 page", url: "https://www.suse.com/security/cve/CVE-2022-0096/", }, { category: "self", summary: "SUSE CVE CVE-2022-0097 page", url: "https://www.suse.com/security/cve/CVE-2022-0097/", }, { category: "self", summary: "SUSE CVE CVE-2022-0098 page", url: "https://www.suse.com/security/cve/CVE-2022-0098/", }, { category: "self", summary: "SUSE CVE CVE-2022-0099 page", url: "https://www.suse.com/security/cve/CVE-2022-0099/", }, { category: "self", summary: "SUSE CVE CVE-2022-0100 page", url: "https://www.suse.com/security/cve/CVE-2022-0100/", }, { category: "self", summary: "SUSE CVE CVE-2022-0101 page", url: "https://www.suse.com/security/cve/CVE-2022-0101/", }, { category: "self", summary: "SUSE CVE CVE-2022-0102 page", url: "https://www.suse.com/security/cve/CVE-2022-0102/", }, { category: "self", summary: "SUSE CVE CVE-2022-0103 page", url: "https://www.suse.com/security/cve/CVE-2022-0103/", }, { category: "self", summary: "SUSE CVE CVE-2022-0104 page", url: "https://www.suse.com/security/cve/CVE-2022-0104/", }, { category: "self", summary: "SUSE CVE CVE-2022-0105 page", url: "https://www.suse.com/security/cve/CVE-2022-0105/", }, { category: "self", summary: "SUSE CVE CVE-2022-0106 page", url: "https://www.suse.com/security/cve/CVE-2022-0106/", }, { category: "self", summary: "SUSE CVE CVE-2022-0107 page", url: "https://www.suse.com/security/cve/CVE-2022-0107/", }, { category: "self", summary: "SUSE CVE CVE-2022-0108 page", url: "https://www.suse.com/security/cve/CVE-2022-0108/", }, { category: "self", summary: "SUSE CVE CVE-2022-0109 page", url: "https://www.suse.com/security/cve/CVE-2022-0109/", }, { category: "self", summary: "SUSE CVE CVE-2022-0110 page", url: "https://www.suse.com/security/cve/CVE-2022-0110/", }, { category: "self", summary: "SUSE CVE CVE-2022-0111 page", url: "https://www.suse.com/security/cve/CVE-2022-0111/", }, { category: "self", summary: "SUSE CVE CVE-2022-0112 page", url: "https://www.suse.com/security/cve/CVE-2022-0112/", }, { category: "self", summary: "SUSE CVE CVE-2022-0113 page", url: "https://www.suse.com/security/cve/CVE-2022-0113/", }, { category: "self", summary: "SUSE CVE CVE-2022-0114 page", url: "https://www.suse.com/security/cve/CVE-2022-0114/", }, { category: "self", summary: "SUSE CVE CVE-2022-0115 page", url: "https://www.suse.com/security/cve/CVE-2022-0115/", }, { category: "self", summary: "SUSE CVE CVE-2022-0116 page", url: "https://www.suse.com/security/cve/CVE-2022-0116/", }, { category: "self", summary: "SUSE CVE CVE-2022-0117 page", url: "https://www.suse.com/security/cve/CVE-2022-0117/", }, { category: "self", summary: "SUSE CVE CVE-2022-0118 page", url: "https://www.suse.com/security/cve/CVE-2022-0118/", }, { category: "self", summary: "SUSE CVE CVE-2022-0120 page", url: "https://www.suse.com/security/cve/CVE-2022-0120/", }, { category: "self", summary: "SUSE CVE CVE-2022-0289 page", url: "https://www.suse.com/security/cve/CVE-2022-0289/", }, { category: "self", summary: "SUSE CVE CVE-2022-0290 page", url: "https://www.suse.com/security/cve/CVE-2022-0290/", }, { category: "self", summary: "SUSE CVE CVE-2022-0291 page", url: "https://www.suse.com/security/cve/CVE-2022-0291/", }, { category: "self", summary: "SUSE CVE CVE-2022-0292 page", url: "https://www.suse.com/security/cve/CVE-2022-0292/", }, { category: "self", summary: "SUSE CVE CVE-2022-0293 page", url: "https://www.suse.com/security/cve/CVE-2022-0293/", }, { category: "self", summary: "SUSE CVE CVE-2022-0294 page", url: "https://www.suse.com/security/cve/CVE-2022-0294/", }, { category: "self", summary: "SUSE CVE CVE-2022-0295 page", url: "https://www.suse.com/security/cve/CVE-2022-0295/", }, { category: "self", summary: "SUSE CVE CVE-2022-0296 page", url: "https://www.suse.com/security/cve/CVE-2022-0296/", }, { category: "self", summary: "SUSE CVE CVE-2022-0297 page", url: "https://www.suse.com/security/cve/CVE-2022-0297/", }, { category: "self", summary: "SUSE CVE CVE-2022-0298 page", url: "https://www.suse.com/security/cve/CVE-2022-0298/", }, { category: "self", summary: "SUSE CVE CVE-2022-0300 page", url: "https://www.suse.com/security/cve/CVE-2022-0300/", }, { category: "self", summary: "SUSE CVE CVE-2022-0301 page", url: "https://www.suse.com/security/cve/CVE-2022-0301/", }, { category: "self", summary: "SUSE CVE CVE-2022-0302 page", url: "https://www.suse.com/security/cve/CVE-2022-0302/", }, { category: "self", summary: "SUSE CVE CVE-2022-0304 page", url: "https://www.suse.com/security/cve/CVE-2022-0304/", }, { category: "self", summary: "SUSE CVE CVE-2022-0305 page", url: "https://www.suse.com/security/cve/CVE-2022-0305/", }, { category: "self", summary: "SUSE CVE CVE-2022-0306 page", url: "https://www.suse.com/security/cve/CVE-2022-0306/", }, { category: "self", summary: "SUSE CVE CVE-2022-0307 page", url: "https://www.suse.com/security/cve/CVE-2022-0307/", }, { category: "self", summary: "SUSE CVE CVE-2022-0308 page", url: "https://www.suse.com/security/cve/CVE-2022-0308/", }, { category: "self", summary: "SUSE CVE CVE-2022-0309 page", url: "https://www.suse.com/security/cve/CVE-2022-0309/", }, { category: "self", summary: "SUSE CVE CVE-2022-0310 page", url: "https://www.suse.com/security/cve/CVE-2022-0310/", }, { category: "self", summary: "SUSE CVE CVE-2022-0311 page", url: "https://www.suse.com/security/cve/CVE-2022-0311/", }, { category: "self", summary: "SUSE CVE CVE-2022-0452 page", url: "https://www.suse.com/security/cve/CVE-2022-0452/", }, { category: "self", summary: "SUSE CVE CVE-2022-0453 page", url: "https://www.suse.com/security/cve/CVE-2022-0453/", }, { category: "self", summary: "SUSE CVE CVE-2022-0454 page", url: "https://www.suse.com/security/cve/CVE-2022-0454/", }, { category: "self", summary: "SUSE CVE CVE-2022-0455 page", url: "https://www.suse.com/security/cve/CVE-2022-0455/", }, { category: "self", summary: "SUSE CVE CVE-2022-0456 page", url: "https://www.suse.com/security/cve/CVE-2022-0456/", }, { category: "self", summary: "SUSE CVE CVE-2022-0457 page", url: "https://www.suse.com/security/cve/CVE-2022-0457/", }, { category: "self", summary: "SUSE CVE CVE-2022-0458 page", url: "https://www.suse.com/security/cve/CVE-2022-0458/", }, { category: "self", summary: "SUSE CVE CVE-2022-0459 page", url: "https://www.suse.com/security/cve/CVE-2022-0459/", }, { category: "self", summary: "SUSE CVE CVE-2022-0460 page", url: "https://www.suse.com/security/cve/CVE-2022-0460/", }, { category: "self", summary: "SUSE CVE CVE-2022-0461 page", url: "https://www.suse.com/security/cve/CVE-2022-0461/", }, { category: "self", summary: "SUSE CVE CVE-2022-0462 page", url: "https://www.suse.com/security/cve/CVE-2022-0462/", }, { category: "self", summary: "SUSE CVE CVE-2022-0463 page", url: "https://www.suse.com/security/cve/CVE-2022-0463/", }, { category: "self", summary: "SUSE CVE CVE-2022-0464 page", url: "https://www.suse.com/security/cve/CVE-2022-0464/", }, { category: "self", summary: "SUSE CVE CVE-2022-0465 page", url: "https://www.suse.com/security/cve/CVE-2022-0465/", }, { category: "self", summary: "SUSE CVE CVE-2022-0466 page", url: "https://www.suse.com/security/cve/CVE-2022-0466/", }, { category: "self", summary: "SUSE CVE CVE-2022-0467 page", url: "https://www.suse.com/security/cve/CVE-2022-0467/", }, { category: "self", summary: "SUSE CVE CVE-2022-0468 page", url: "https://www.suse.com/security/cve/CVE-2022-0468/", }, { category: "self", summary: "SUSE CVE CVE-2022-0469 page", url: "https://www.suse.com/security/cve/CVE-2022-0469/", }, { category: "self", summary: "SUSE CVE CVE-2022-0470 page", url: "https://www.suse.com/security/cve/CVE-2022-0470/", }, { category: "self", summary: "SUSE CVE CVE-2022-0603 page", url: "https://www.suse.com/security/cve/CVE-2022-0603/", }, { category: "self", summary: "SUSE CVE CVE-2022-0604 page", url: "https://www.suse.com/security/cve/CVE-2022-0604/", }, { category: "self", summary: "SUSE CVE CVE-2022-0605 page", url: "https://www.suse.com/security/cve/CVE-2022-0605/", }, { category: "self", summary: "SUSE CVE CVE-2022-0606 page", url: "https://www.suse.com/security/cve/CVE-2022-0606/", }, { category: "self", summary: "SUSE CVE CVE-2022-0607 page", url: "https://www.suse.com/security/cve/CVE-2022-0607/", }, { category: "self", summary: "SUSE CVE CVE-2022-0608 page", url: "https://www.suse.com/security/cve/CVE-2022-0608/", }, { category: "self", summary: "SUSE CVE CVE-2022-0609 page", url: "https://www.suse.com/security/cve/CVE-2022-0609/", }, { category: "self", summary: "SUSE CVE CVE-2022-0610 page", url: "https://www.suse.com/security/cve/CVE-2022-0610/", }, { category: "self", summary: "SUSE CVE CVE-2022-0789 page", url: "https://www.suse.com/security/cve/CVE-2022-0789/", }, { category: "self", summary: "SUSE CVE CVE-2022-0790 page", url: "https://www.suse.com/security/cve/CVE-2022-0790/", }, { category: "self", summary: "SUSE CVE CVE-2022-0791 page", url: "https://www.suse.com/security/cve/CVE-2022-0791/", }, { category: "self", summary: "SUSE CVE CVE-2022-0792 page", url: "https://www.suse.com/security/cve/CVE-2022-0792/", }, { category: "self", summary: "SUSE CVE CVE-2022-0793 page", url: "https://www.suse.com/security/cve/CVE-2022-0793/", }, { category: "self", summary: "SUSE CVE CVE-2022-0794 page", url: "https://www.suse.com/security/cve/CVE-2022-0794/", }, { category: "self", summary: "SUSE CVE CVE-2022-0795 page", url: "https://www.suse.com/security/cve/CVE-2022-0795/", }, { category: "self", summary: "SUSE CVE CVE-2022-0796 page", url: "https://www.suse.com/security/cve/CVE-2022-0796/", }, { category: "self", summary: "SUSE CVE CVE-2022-0797 page", url: "https://www.suse.com/security/cve/CVE-2022-0797/", }, { category: "self", summary: "SUSE CVE CVE-2022-0798 page", url: "https://www.suse.com/security/cve/CVE-2022-0798/", }, { category: "self", summary: "SUSE CVE CVE-2022-0799 page", url: "https://www.suse.com/security/cve/CVE-2022-0799/", }, { category: "self", summary: "SUSE CVE CVE-2022-0800 page", url: "https://www.suse.com/security/cve/CVE-2022-0800/", }, { category: "self", summary: "SUSE CVE CVE-2022-0801 page", url: "https://www.suse.com/security/cve/CVE-2022-0801/", }, { category: "self", summary: "SUSE CVE CVE-2022-0802 page", url: "https://www.suse.com/security/cve/CVE-2022-0802/", }, { category: "self", summary: "SUSE CVE CVE-2022-0803 page", url: "https://www.suse.com/security/cve/CVE-2022-0803/", }, { category: "self", summary: "SUSE CVE CVE-2022-0804 page", url: "https://www.suse.com/security/cve/CVE-2022-0804/", }, { category: "self", summary: "SUSE CVE CVE-2022-0805 page", url: "https://www.suse.com/security/cve/CVE-2022-0805/", }, { category: "self", summary: "SUSE CVE CVE-2022-0806 page", url: "https://www.suse.com/security/cve/CVE-2022-0806/", }, { category: "self", summary: "SUSE CVE CVE-2022-0807 page", url: "https://www.suse.com/security/cve/CVE-2022-0807/", }, { category: "self", summary: "SUSE CVE CVE-2022-0808 page", url: "https://www.suse.com/security/cve/CVE-2022-0808/", }, { category: "self", summary: "SUSE CVE CVE-2022-0809 page", url: "https://www.suse.com/security/cve/CVE-2022-0809/", }, { category: "self", summary: "SUSE CVE CVE-2022-1096 page", url: "https://www.suse.com/security/cve/CVE-2022-1096/", }, ], title: "Security update for opera", tracking: { current_release_date: "2022-04-08T14:01:17Z", generator: { date: "2022-04-08T14:01:17Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2022:0110-1", initial_release_date: "2022-04-08T14:01:17Z", revision_history: [ { date: "2022-04-08T14:01:17Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "opera-85.0.4341.28-lp154.2.5.1.x86_64", product: { name: "opera-85.0.4341.28-lp154.2.5.1.x86_64", product_id: "opera-85.0.4341.28-lp154.2.5.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.4 NonFree", product: { name: "openSUSE Leap 15.4 NonFree", product_id: "openSUSE Leap 15.4 NonFree", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "opera-85.0.4341.28-lp154.2.5.1.x86_64 as component of openSUSE Leap 15.4 NonFree", product_id: "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", }, product_reference: "opera-85.0.4341.28-lp154.2.5.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4 NonFree", }, ], }, vulnerabilities: [ { cve: "CVE-2021-30506", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30506", }, ], notes: [ { category: "general", text: "Incorrect security UI in Web App Installs in Google Chrome on Android prior to 90.0.4430.212 allowed an attacker who convinced a user to install a web application to inject scripts or HTML into a privileged page via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30506", url: "https://www.suse.com/security/cve/CVE-2021-30506", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30506", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30506", }, { cve: "CVE-2021-30507", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30507", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30507", url: "https://www.suse.com/security/cve/CVE-2021-30507", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30507", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30507", }, { cve: "CVE-2021-30508", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30508", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Media Feeds in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30508", url: "https://www.suse.com/security/cve/CVE-2021-30508", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30508", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30508", }, { cve: "CVE-2021-30509", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30509", }, ], notes: [ { category: "general", text: "Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page and a crafted Chrome extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30509", url: "https://www.suse.com/security/cve/CVE-2021-30509", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30509", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30509", }, { cve: "CVE-2021-30510", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30510", }, ], notes: [ { category: "general", text: "Use after free in Aura in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30510", url: "https://www.suse.com/security/cve/CVE-2021-30510", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30510", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30510", }, { cve: "CVE-2021-30511", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30511", }, ], notes: [ { category: "general", text: "Out of bounds read in Tab Groups in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30511", url: "https://www.suse.com/security/cve/CVE-2021-30511", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30511", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30511", }, { cve: "CVE-2021-30512", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30512", }, ], notes: [ { category: "general", text: "Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30512", url: "https://www.suse.com/security/cve/CVE-2021-30512", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30512", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30512", }, { cve: "CVE-2021-30513", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30513", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30513", url: "https://www.suse.com/security/cve/CVE-2021-30513", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30513", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30513", }, { cve: "CVE-2021-30514", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30514", }, ], notes: [ { category: "general", text: "Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30514", url: "https://www.suse.com/security/cve/CVE-2021-30514", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30514", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30514", }, { cve: "CVE-2021-30515", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30515", }, ], notes: [ { category: "general", text: "Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30515", url: "https://www.suse.com/security/cve/CVE-2021-30515", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30515", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30515", }, { cve: "CVE-2021-30516", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30516", }, ], notes: [ { category: "general", text: "Heap buffer overflow in History in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30516", url: "https://www.suse.com/security/cve/CVE-2021-30516", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30516", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30516", }, { cve: "CVE-2021-30517", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30517", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30517", url: "https://www.suse.com/security/cve/CVE-2021-30517", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30517", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30517", }, { cve: "CVE-2021-30518", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30518", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Reader Mode in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30518", url: "https://www.suse.com/security/cve/CVE-2021-30518", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30518", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30518", }, { cve: "CVE-2021-30519", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30519", }, ], notes: [ { category: "general", text: "Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30519", url: "https://www.suse.com/security/cve/CVE-2021-30519", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30519", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30519", }, { cve: "CVE-2021-30520", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30520", }, ], notes: [ { category: "general", text: "Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30520", url: "https://www.suse.com/security/cve/CVE-2021-30520", }, { category: "external", summary: "SUSE Bug 1185908 for CVE-2021-30520", url: "https://bugzilla.suse.com/1185908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30520", }, { cve: "CVE-2021-30541", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30541", }, ], notes: [ { category: "general", text: "Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30541", url: "https://www.suse.com/security/cve/CVE-2021-30541", }, { category: "external", summary: "SUSE Bug 1188373 for CVE-2021-30541", url: "https://bugzilla.suse.com/1188373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30541", }, { cve: "CVE-2021-30544", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30544", }, ], notes: [ { category: "general", text: "Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30544", url: "https://www.suse.com/security/cve/CVE-2021-30544", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30544", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30544", }, { cve: "CVE-2021-30545", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30545", }, ], notes: [ { category: "general", text: "Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30545", url: "https://www.suse.com/security/cve/CVE-2021-30545", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30545", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30545", }, { cve: "CVE-2021-30546", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30546", }, ], notes: [ { category: "general", text: "Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30546", url: "https://www.suse.com/security/cve/CVE-2021-30546", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30546", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30546", }, { cve: "CVE-2021-30547", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30547", }, ], notes: [ { category: "general", text: "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30547", url: "https://www.suse.com/security/cve/CVE-2021-30547", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30547", url: "https://bugzilla.suse.com/1187141", }, { category: "external", summary: "SUSE Bug 1188275 for CVE-2021-30547", url: "https://bugzilla.suse.com/1188275", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30547", }, { cve: "CVE-2021-30548", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30548", }, ], notes: [ { category: "general", text: "Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30548", url: "https://www.suse.com/security/cve/CVE-2021-30548", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30548", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30548", }, { cve: "CVE-2021-30549", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30549", }, ], notes: [ { category: "general", text: "Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30549", url: "https://www.suse.com/security/cve/CVE-2021-30549", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30549", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30549", }, { cve: "CVE-2021-30550", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30550", }, ], notes: [ { category: "general", text: "Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30550", url: "https://www.suse.com/security/cve/CVE-2021-30550", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30550", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30550", }, { cve: "CVE-2021-30551", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30551", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30551", url: "https://www.suse.com/security/cve/CVE-2021-30551", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30551", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30551", }, { cve: "CVE-2021-30552", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30552", }, ], notes: [ { category: "general", text: "Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30552", url: "https://www.suse.com/security/cve/CVE-2021-30552", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30552", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30552", }, { cve: "CVE-2021-30553", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30553", }, ], notes: [ { category: "general", text: "Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30553", url: "https://www.suse.com/security/cve/CVE-2021-30553", }, { category: "external", summary: "SUSE Bug 1187141 for CVE-2021-30553", url: "https://bugzilla.suse.com/1187141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30553", }, { cve: "CVE-2021-30554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30554", }, ], notes: [ { category: "general", text: "Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30554", url: "https://www.suse.com/security/cve/CVE-2021-30554", }, { category: "external", summary: "SUSE Bug 1187481 for CVE-2021-30554", url: "https://bugzilla.suse.com/1187481", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30554", }, { cve: "CVE-2021-30555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30555", }, ], notes: [ { category: "general", text: "Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30555", url: "https://www.suse.com/security/cve/CVE-2021-30555", }, { category: "external", summary: "SUSE Bug 1187481 for CVE-2021-30555", url: "https://bugzilla.suse.com/1187481", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30555", }, { cve: "CVE-2021-30556", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30556", }, ], notes: [ { category: "general", text: "Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30556", url: "https://www.suse.com/security/cve/CVE-2021-30556", }, { category: "external", summary: "SUSE Bug 1187481 for CVE-2021-30556", url: "https://bugzilla.suse.com/1187481", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30556", }, { cve: "CVE-2021-30557", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30557", }, ], notes: [ { category: "general", text: "Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30557", url: "https://www.suse.com/security/cve/CVE-2021-30557", }, { category: "external", summary: "SUSE Bug 1187481 for CVE-2021-30557", url: "https://bugzilla.suse.com/1187481", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30557", }, { cve: "CVE-2021-30560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30560", }, ], notes: [ { category: "general", text: "Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30560", url: "https://www.suse.com/security/cve/CVE-2021-30560", }, { category: "external", summary: "SUSE Bug 1188373 for CVE-2021-30560", url: "https://bugzilla.suse.com/1188373", }, { category: "external", summary: "SUSE Bug 1208574 for CVE-2021-30560", url: "https://bugzilla.suse.com/1208574", }, { category: "external", summary: "SUSE Bug 1211500 for CVE-2021-30560", url: "https://bugzilla.suse.com/1211500", }, { category: "external", summary: "SUSE Bug 1211501 for CVE-2021-30560", url: "https://bugzilla.suse.com/1211501", }, { category: "external", summary: "SUSE Bug 1211544 for CVE-2021-30560", url: "https://bugzilla.suse.com/1211544", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30560", }, { cve: "CVE-2021-30561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30561", }, ], notes: [ { category: "general", text: "Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30561", url: "https://www.suse.com/security/cve/CVE-2021-30561", }, { category: "external", summary: "SUSE Bug 1188373 for CVE-2021-30561", url: "https://bugzilla.suse.com/1188373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30561", }, { cve: "CVE-2021-30562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30562", }, ], notes: [ { category: "general", text: "Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30562", url: "https://www.suse.com/security/cve/CVE-2021-30562", }, { category: "external", summary: "SUSE Bug 1188373 for CVE-2021-30562", url: "https://bugzilla.suse.com/1188373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30562", }, { cve: "CVE-2021-30563", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30563", }, ], notes: [ { category: "general", text: "Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30563", url: "https://www.suse.com/security/cve/CVE-2021-30563", }, { category: "external", summary: "SUSE Bug 1188373 for CVE-2021-30563", url: "https://bugzilla.suse.com/1188373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30563", }, { cve: "CVE-2021-30564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30564", }, ], notes: [ { category: "general", text: "Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30564", url: "https://www.suse.com/security/cve/CVE-2021-30564", }, { category: "external", summary: "SUSE Bug 1188373 for CVE-2021-30564", url: "https://bugzilla.suse.com/1188373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-30564", }, { cve: "CVE-2021-30590", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30590", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Bookmarks in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30590", url: "https://www.suse.com/security/cve/CVE-2021-30590", }, { category: "external", summary: "SUSE Bug 1189006 for CVE-2021-30590", url: "https://bugzilla.suse.com/1189006", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30590", }, { cve: "CVE-2021-30591", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30591", }, ], notes: [ { category: "general", text: "Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30591", url: "https://www.suse.com/security/cve/CVE-2021-30591", }, { category: "external", summary: "SUSE Bug 1189006 for CVE-2021-30591", url: "https://bugzilla.suse.com/1189006", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30591", }, { cve: "CVE-2021-30592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30592", }, ], notes: [ { category: "general", text: "Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30592", url: "https://www.suse.com/security/cve/CVE-2021-30592", }, { category: "external", summary: "SUSE Bug 1189006 for CVE-2021-30592", url: "https://bugzilla.suse.com/1189006", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30592", }, { cve: "CVE-2021-30593", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30593", }, ], notes: [ { category: "general", text: "Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30593", url: "https://www.suse.com/security/cve/CVE-2021-30593", }, { category: "external", summary: "SUSE Bug 1189006 for CVE-2021-30593", url: "https://bugzilla.suse.com/1189006", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30593", }, { cve: "CVE-2021-30594", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30594", }, ], notes: [ { category: "general", text: "Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30594", url: "https://www.suse.com/security/cve/CVE-2021-30594", }, { category: "external", summary: "SUSE Bug 1189006 for CVE-2021-30594", url: "https://bugzilla.suse.com/1189006", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30594", }, { cve: "CVE-2021-30596", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30596", }, ], notes: [ { category: "general", text: "Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30596", url: "https://www.suse.com/security/cve/CVE-2021-30596", }, { category: "external", summary: "SUSE Bug 1189006 for CVE-2021-30596", url: "https://bugzilla.suse.com/1189006", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30596", }, { cve: "CVE-2021-30597", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30597", }, ], notes: [ { category: "general", text: "Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30597", url: "https://www.suse.com/security/cve/CVE-2021-30597", }, { category: "external", summary: "SUSE Bug 1189006 for CVE-2021-30597", url: "https://bugzilla.suse.com/1189006", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30597", }, { cve: "CVE-2021-30598", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30598", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30598", url: "https://www.suse.com/security/cve/CVE-2021-30598", }, { category: "external", summary: "SUSE Bug 1189490 for CVE-2021-30598", url: "https://bugzilla.suse.com/1189490", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30598", }, { cve: "CVE-2021-30599", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30599", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30599", url: "https://www.suse.com/security/cve/CVE-2021-30599", }, { category: "external", summary: "SUSE Bug 1189490 for CVE-2021-30599", url: "https://bugzilla.suse.com/1189490", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30599", }, { cve: "CVE-2021-30600", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30600", }, ], notes: [ { category: "general", text: "Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30600", url: "https://www.suse.com/security/cve/CVE-2021-30600", }, { category: "external", summary: "SUSE Bug 1189490 for CVE-2021-30600", url: "https://bugzilla.suse.com/1189490", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30600", }, { cve: "CVE-2021-30601", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30601", }, ], notes: [ { category: "general", text: "Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30601", url: "https://www.suse.com/security/cve/CVE-2021-30601", }, { category: "external", summary: "SUSE Bug 1189490 for CVE-2021-30601", url: "https://bugzilla.suse.com/1189490", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30601", }, { cve: "CVE-2021-30602", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30602", }, ], notes: [ { category: "general", text: "Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30602", url: "https://www.suse.com/security/cve/CVE-2021-30602", }, { category: "external", summary: "SUSE Bug 1189490 for CVE-2021-30602", url: "https://bugzilla.suse.com/1189490", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30602", }, { cve: "CVE-2021-30603", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30603", }, ], notes: [ { category: "general", text: "Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30603", url: "https://www.suse.com/security/cve/CVE-2021-30603", }, { category: "external", summary: "SUSE Bug 1189490 for CVE-2021-30603", url: "https://bugzilla.suse.com/1189490", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30603", }, { cve: "CVE-2021-30604", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30604", }, ], notes: [ { category: "general", text: "Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30604", url: "https://www.suse.com/security/cve/CVE-2021-30604", }, { category: "external", summary: "SUSE Bug 1189490 for CVE-2021-30604", url: "https://bugzilla.suse.com/1189490", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30604", }, { cve: "CVE-2021-30606", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30606", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30606 Use after free in Blink", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30606", url: "https://www.suse.com/security/cve/CVE-2021-30606", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30606", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30606", }, { cve: "CVE-2021-30607", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30607", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30607 Use after free in Permissions", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30607", url: "https://www.suse.com/security/cve/CVE-2021-30607", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30607", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30607", }, { cve: "CVE-2021-30608", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30608", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30608 Use after free in Web Share", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30608", url: "https://www.suse.com/security/cve/CVE-2021-30608", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30608", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30608", }, { cve: "CVE-2021-30609", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30609", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30609 Use after free in Sign-In", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30609", url: "https://www.suse.com/security/cve/CVE-2021-30609", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30609", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30609", }, { cve: "CVE-2021-30610", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30610", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30610 Use after free in Extensions API", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30610", url: "https://www.suse.com/security/cve/CVE-2021-30610", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30610", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30610", }, { cve: "CVE-2021-30611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30611", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30611 Use after free in WebRTC", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30611", url: "https://www.suse.com/security/cve/CVE-2021-30611", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30611", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30611", }, { cve: "CVE-2021-30612", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30612", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30612 Use after free in WebRTC", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30612", url: "https://www.suse.com/security/cve/CVE-2021-30612", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30612", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30612", }, { cve: "CVE-2021-30613", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30613", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30613 Use after free in Base internals", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30613", url: "https://www.suse.com/security/cve/CVE-2021-30613", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30613", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30613", }, { cve: "CVE-2021-30614", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30614", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30614", url: "https://www.suse.com/security/cve/CVE-2021-30614", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30614", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30614", }, { cve: "CVE-2021-30615", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30615", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30615 Cross-origin data leak in Navigation", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30615", url: "https://www.suse.com/security/cve/CVE-2021-30615", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30615", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30615", }, { cve: "CVE-2021-30616", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30616", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30616 Use after free in Media", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30616", url: "https://www.suse.com/security/cve/CVE-2021-30616", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30616", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30616", }, { cve: "CVE-2021-30617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30617", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30617 Policy bypass in Blink", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30617", url: "https://www.suse.com/security/cve/CVE-2021-30617", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30617", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30617", }, { cve: "CVE-2021-30618", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30618", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30618 Inappropriate implementation in DevTools", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30618", url: "https://www.suse.com/security/cve/CVE-2021-30618", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30618", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30618", }, { cve: "CVE-2021-30619", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30619", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30619 UI Spoofing in Autofill", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30619", url: "https://www.suse.com/security/cve/CVE-2021-30619", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30619", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30619", }, { cve: "CVE-2021-30620", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30620", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30620", url: "https://www.suse.com/security/cve/CVE-2021-30620", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30620", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30620", }, { cve: "CVE-2021-30621", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30621", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30621 UI Spoofing in Autofill", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30621", url: "https://www.suse.com/security/cve/CVE-2021-30621", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30621", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30621", }, { cve: "CVE-2021-30622", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30622", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30622 Use after free in WebApp Installs", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30622", url: "https://www.suse.com/security/cve/CVE-2021-30622", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30622", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30622", }, { cve: "CVE-2021-30623", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30623", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30623 Use after free in Bookmarks", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30623", url: "https://www.suse.com/security/cve/CVE-2021-30623", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30623", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30623", }, { cve: "CVE-2021-30624", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30624", }, ], notes: [ { category: "general", text: "Chromium: CVE-2021-30624 Use after free in Autofill", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30624", url: "https://www.suse.com/security/cve/CVE-2021-30624", }, { category: "external", summary: "SUSE Bug 1190096 for CVE-2021-30624", url: "https://bugzilla.suse.com/1190096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-30624", }, { cve: "CVE-2021-30625", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30625", }, ], notes: [ { category: "general", text: "Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30625", url: "https://www.suse.com/security/cve/CVE-2021-30625", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30625", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30625", }, { cve: "CVE-2021-30626", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30626", }, ], notes: [ { category: "general", text: "Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30626", url: "https://www.suse.com/security/cve/CVE-2021-30626", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30626", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30626", }, { cve: "CVE-2021-30627", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30627", }, ], notes: [ { category: "general", text: "Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30627", url: "https://www.suse.com/security/cve/CVE-2021-30627", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30627", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30627", }, { cve: "CVE-2021-30628", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30628", }, ], notes: [ { category: "general", text: "Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30628", url: "https://www.suse.com/security/cve/CVE-2021-30628", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30628", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30628", }, { cve: "CVE-2021-30629", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30629", }, ], notes: [ { category: "general", text: "Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30629", url: "https://www.suse.com/security/cve/CVE-2021-30629", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30629", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30629", }, { cve: "CVE-2021-30630", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30630", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30630", url: "https://www.suse.com/security/cve/CVE-2021-30630", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30630", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30630", }, { cve: "CVE-2021-30631", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30631", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30631", url: "https://www.suse.com/security/cve/CVE-2021-30631", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30631", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30631", }, { cve: "CVE-2021-30632", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30632", }, ], notes: [ { category: "general", text: "Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30632", url: "https://www.suse.com/security/cve/CVE-2021-30632", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30632", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30632", }, { cve: "CVE-2021-30633", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-30633", }, ], notes: [ { category: "general", text: "Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-30633", url: "https://www.suse.com/security/cve/CVE-2021-30633", }, { category: "external", summary: "SUSE Bug 1190476 for CVE-2021-30633", url: "https://bugzilla.suse.com/1190476", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-30633", }, { cve: "CVE-2021-37974", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37974", }, ], notes: [ { category: "general", text: "Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37974", url: "https://www.suse.com/security/cve/CVE-2021-37974", }, { category: "external", summary: "SUSE Bug 1191204 for CVE-2021-37974", url: "https://bugzilla.suse.com/1191204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-37974", }, { cve: "CVE-2021-37975", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37975", }, ], notes: [ { category: "general", text: "Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37975", url: "https://www.suse.com/security/cve/CVE-2021-37975", }, { category: "external", summary: "SUSE Bug 1191204 for CVE-2021-37975", url: "https://bugzilla.suse.com/1191204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-37975", }, { cve: "CVE-2021-37976", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37976", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37976", url: "https://www.suse.com/security/cve/CVE-2021-37976", }, { category: "external", summary: "SUSE Bug 1191204 for CVE-2021-37976", url: "https://bugzilla.suse.com/1191204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-37976", }, { cve: "CVE-2021-37977", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37977", }, ], notes: [ { category: "general", text: "Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37977", url: "https://www.suse.com/security/cve/CVE-2021-37977", }, { category: "external", summary: "SUSE Bug 1191463 for CVE-2021-37977", url: "https://bugzilla.suse.com/1191463", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37977", }, { cve: "CVE-2021-37978", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37978", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37978", url: "https://www.suse.com/security/cve/CVE-2021-37978", }, { category: "external", summary: "SUSE Bug 1191463 for CVE-2021-37978", url: "https://bugzilla.suse.com/1191463", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37978", }, { cve: "CVE-2021-37979", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37979", }, ], notes: [ { category: "general", text: "heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37979", url: "https://www.suse.com/security/cve/CVE-2021-37979", }, { category: "external", summary: "SUSE Bug 1191463 for CVE-2021-37979", url: "https://bugzilla.suse.com/1191463", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37979", }, { cve: "CVE-2021-37980", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37980", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37980", url: "https://www.suse.com/security/cve/CVE-2021-37980", }, { category: "external", summary: "SUSE Bug 1191463 for CVE-2021-37980", url: "https://bugzilla.suse.com/1191463", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37980", }, { cve: "CVE-2021-37981", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37981", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37981", url: "https://www.suse.com/security/cve/CVE-2021-37981", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37981", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37981", }, { cve: "CVE-2021-37982", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37982", }, ], notes: [ { category: "general", text: "Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37982", url: "https://www.suse.com/security/cve/CVE-2021-37982", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37982", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37982", }, { cve: "CVE-2021-37983", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37983", }, ], notes: [ { category: "general", text: "Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37983", url: "https://www.suse.com/security/cve/CVE-2021-37983", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37983", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37983", }, { cve: "CVE-2021-37984", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37984", }, ], notes: [ { category: "general", text: "Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37984", url: "https://www.suse.com/security/cve/CVE-2021-37984", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37984", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37984", }, { cve: "CVE-2021-37985", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37985", }, ], notes: [ { category: "general", text: "Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37985", url: "https://www.suse.com/security/cve/CVE-2021-37985", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37985", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37985", }, { cve: "CVE-2021-37986", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37986", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37986", url: "https://www.suse.com/security/cve/CVE-2021-37986", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37986", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37986", }, { cve: "CVE-2021-37987", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37987", }, ], notes: [ { category: "general", text: "Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37987", url: "https://www.suse.com/security/cve/CVE-2021-37987", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37987", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37987", }, { cve: "CVE-2021-37988", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37988", }, ], notes: [ { category: "general", text: "Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37988", url: "https://www.suse.com/security/cve/CVE-2021-37988", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37988", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37988", }, { cve: "CVE-2021-37989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37989", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37989", url: "https://www.suse.com/security/cve/CVE-2021-37989", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37989", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37989", }, { cve: "CVE-2021-37990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37990", }, ], notes: [ { category: "general", text: "Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37990", url: "https://www.suse.com/security/cve/CVE-2021-37990", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37990", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37990", }, { cve: "CVE-2021-37991", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37991", }, ], notes: [ { category: "general", text: "Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37991", url: "https://www.suse.com/security/cve/CVE-2021-37991", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37991", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37991", }, { cve: "CVE-2021-37992", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37992", }, ], notes: [ { category: "general", text: "Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37992", url: "https://www.suse.com/security/cve/CVE-2021-37992", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37992", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37992", }, { cve: "CVE-2021-37993", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37993", }, ], notes: [ { category: "general", text: "Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37993", url: "https://www.suse.com/security/cve/CVE-2021-37993", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37993", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37993", }, { cve: "CVE-2021-37994", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37994", }, ], notes: [ { category: "general", text: "Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37994", url: "https://www.suse.com/security/cve/CVE-2021-37994", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37994", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37994", }, { cve: "CVE-2021-37995", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37995", }, ], notes: [ { category: "general", text: "Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37995", url: "https://www.suse.com/security/cve/CVE-2021-37995", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37995", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37995", }, { cve: "CVE-2021-37996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37996", }, ], notes: [ { category: "general", text: "Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37996", url: "https://www.suse.com/security/cve/CVE-2021-37996", }, { category: "external", summary: "SUSE Bug 1191844 for CVE-2021-37996", url: "https://bugzilla.suse.com/1191844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-37996", }, { cve: "CVE-2021-37997", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37997", }, ], notes: [ { category: "general", text: "Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37997", url: "https://www.suse.com/security/cve/CVE-2021-37997", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37997", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-37997", }, { cve: "CVE-2021-37998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37998", }, ], notes: [ { category: "general", text: "Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37998", url: "https://www.suse.com/security/cve/CVE-2021-37998", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37998", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-37998", }, { cve: "CVE-2021-37999", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37999", }, ], notes: [ { category: "general", text: "Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37999", url: "https://www.suse.com/security/cve/CVE-2021-37999", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37999", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-37999", }, { cve: "CVE-2021-38001", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38001", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38001", url: "https://www.suse.com/security/cve/CVE-2021-38001", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38001", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38001", }, { cve: "CVE-2021-38002", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38002", }, ], notes: [ { category: "general", text: "Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38002", url: "https://www.suse.com/security/cve/CVE-2021-38002", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38002", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38002", }, { cve: "CVE-2021-38003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38003", }, ], notes: [ { category: "general", text: "Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38003", url: "https://www.suse.com/security/cve/CVE-2021-38003", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38003", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38003", }, { cve: "CVE-2021-38004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38004", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38004", url: "https://www.suse.com/security/cve/CVE-2021-38004", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "moderate", }, ], title: "CVE-2021-38004", }, { cve: "CVE-2021-38005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38005", }, ], notes: [ { category: "general", text: "Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38005", url: "https://www.suse.com/security/cve/CVE-2021-38005", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38005", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38005", }, { cve: "CVE-2021-38006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38006", }, ], notes: [ { category: "general", text: "Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38006", url: "https://www.suse.com/security/cve/CVE-2021-38006", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38006", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38006", }, { cve: "CVE-2021-38007", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38007", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38007", url: "https://www.suse.com/security/cve/CVE-2021-38007", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38007", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38007", }, { cve: "CVE-2021-38008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38008", }, ], notes: [ { category: "general", text: "Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38008", url: "https://www.suse.com/security/cve/CVE-2021-38008", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38008", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38008", }, { cve: "CVE-2021-38009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38009", }, ], notes: [ { category: "general", text: "Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38009", url: "https://www.suse.com/security/cve/CVE-2021-38009", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38009", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38009", }, { cve: "CVE-2021-38010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38010", }, ], notes: [ { category: "general", text: "Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38010", url: "https://www.suse.com/security/cve/CVE-2021-38010", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38010", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38010", }, { cve: "CVE-2021-38011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38011", }, ], notes: [ { category: "general", text: "Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38011", url: "https://www.suse.com/security/cve/CVE-2021-38011", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38011", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38011", }, { cve: "CVE-2021-38012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38012", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38012", url: "https://www.suse.com/security/cve/CVE-2021-38012", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38012", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38012", }, { cve: "CVE-2021-38013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38013", }, ], notes: [ { category: "general", text: "Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38013", url: "https://www.suse.com/security/cve/CVE-2021-38013", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38013", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38013", }, { cve: "CVE-2021-38014", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38014", }, ], notes: [ { category: "general", text: "Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38014", url: "https://www.suse.com/security/cve/CVE-2021-38014", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38014", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38014", }, { cve: "CVE-2021-38015", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38015", }, ], notes: [ { category: "general", text: "Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38015", url: "https://www.suse.com/security/cve/CVE-2021-38015", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38015", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38015", }, { cve: "CVE-2021-38016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38016", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38016", url: "https://www.suse.com/security/cve/CVE-2021-38016", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38016", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38016", }, { cve: "CVE-2021-38017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38017", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38017", url: "https://www.suse.com/security/cve/CVE-2021-38017", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38017", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38017", }, { cve: "CVE-2021-38019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38019", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38019", url: "https://www.suse.com/security/cve/CVE-2021-38019", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38019", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38019", }, { cve: "CVE-2021-38020", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38020", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38020", url: "https://www.suse.com/security/cve/CVE-2021-38020", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38020", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38020", }, { cve: "CVE-2021-38021", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38021", }, ], notes: [ { category: "general", text: "Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38021", url: "https://www.suse.com/security/cve/CVE-2021-38021", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38021", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38021", }, { cve: "CVE-2021-38022", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38022", }, ], notes: [ { category: "general", text: "Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38022", url: "https://www.suse.com/security/cve/CVE-2021-38022", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38022", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2021-38022", }, { cve: "CVE-2021-4052", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4052", }, ], notes: [ { category: "general", text: "Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4052", url: "https://www.suse.com/security/cve/CVE-2021-4052", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4052", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4052", }, { cve: "CVE-2021-4053", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4053", }, ], notes: [ { category: "general", text: "Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4053", url: "https://www.suse.com/security/cve/CVE-2021-4053", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4053", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4053", }, { cve: "CVE-2021-4054", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4054", }, ], notes: [ { category: "general", text: "Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4054", url: "https://www.suse.com/security/cve/CVE-2021-4054", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4054", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4054", }, { cve: "CVE-2021-4055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4055", }, ], notes: [ { category: "general", text: "Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4055", url: "https://www.suse.com/security/cve/CVE-2021-4055", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4055", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4055", }, { cve: "CVE-2021-4056", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4056", }, ], notes: [ { category: "general", text: "Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4056", url: "https://www.suse.com/security/cve/CVE-2021-4056", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4056", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4056", }, { cve: "CVE-2021-4057", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4057", }, ], notes: [ { category: "general", text: "Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4057", url: "https://www.suse.com/security/cve/CVE-2021-4057", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4057", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4057", }, { cve: "CVE-2021-4058", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4058", }, ], notes: [ { category: "general", text: "Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4058", url: "https://www.suse.com/security/cve/CVE-2021-4058", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4058", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4058", }, { cve: "CVE-2021-4059", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4059", }, ], notes: [ { category: "general", text: "Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4059", url: "https://www.suse.com/security/cve/CVE-2021-4059", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4059", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4059", }, { cve: "CVE-2021-4061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4061", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4061", url: "https://www.suse.com/security/cve/CVE-2021-4061", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4061", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4061", }, { cve: "CVE-2021-4062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4062", }, ], notes: [ { category: "general", text: "Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4062", url: "https://www.suse.com/security/cve/CVE-2021-4062", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4062", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4062", }, { cve: "CVE-2021-4063", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4063", }, ], notes: [ { category: "general", text: "Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4063", url: "https://www.suse.com/security/cve/CVE-2021-4063", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4063", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4063", }, { cve: "CVE-2021-4064", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4064", }, ], notes: [ { category: "general", text: "Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4064", url: "https://www.suse.com/security/cve/CVE-2021-4064", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4064", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4064", }, { cve: "CVE-2021-4065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4065", }, ], notes: [ { category: "general", text: "Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4065", url: "https://www.suse.com/security/cve/CVE-2021-4065", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4065", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4065", }, { cve: "CVE-2021-4066", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4066", }, ], notes: [ { category: "general", text: "Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4066", url: "https://www.suse.com/security/cve/CVE-2021-4066", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4066", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4066", }, { cve: "CVE-2021-4067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4067", }, ], notes: [ { category: "general", text: "Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4067", url: "https://www.suse.com/security/cve/CVE-2021-4067", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4067", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4067", }, { cve: "CVE-2021-4068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4068", }, ], notes: [ { category: "general", text: "Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4068", url: "https://www.suse.com/security/cve/CVE-2021-4068", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4068", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4068", }, { cve: "CVE-2021-4078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4078", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4078", url: "https://www.suse.com/security/cve/CVE-2021-4078", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4078", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4078", }, { cve: "CVE-2021-4079", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4079", }, ], notes: [ { category: "general", text: "Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4079", url: "https://www.suse.com/security/cve/CVE-2021-4079", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4079", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4079", }, { cve: "CVE-2021-4098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4098", }, ], notes: [ { category: "general", text: "Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4098", url: "https://www.suse.com/security/cve/CVE-2021-4098", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4098", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4098", }, { cve: "CVE-2021-4099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4099", }, ], notes: [ { category: "general", text: "Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4099", url: "https://www.suse.com/security/cve/CVE-2021-4099", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4099", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4099", }, { cve: "CVE-2021-4100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4100", }, ], notes: [ { category: "general", text: "Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4100", url: "https://www.suse.com/security/cve/CVE-2021-4100", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4100", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4100", }, { cve: "CVE-2021-4101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4101", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4101", url: "https://www.suse.com/security/cve/CVE-2021-4101", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4101", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4101", }, { cve: "CVE-2021-4102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4102", }, ], notes: [ { category: "general", text: "Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4102", url: "https://www.suse.com/security/cve/CVE-2021-4102", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4102", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2021-4102", }, { cve: "CVE-2022-0096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0096", }, ], notes: [ { category: "general", text: "Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0096", url: "https://www.suse.com/security/cve/CVE-2022-0096", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0096", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0096", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0096", }, { cve: "CVE-2022-0097", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0097", }, ], notes: [ { category: "general", text: "Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0097", url: "https://www.suse.com/security/cve/CVE-2022-0097", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0097", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0097", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0097", }, { cve: "CVE-2022-0098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0098", }, ], notes: [ { category: "general", text: "Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0098", url: "https://www.suse.com/security/cve/CVE-2022-0098", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0098", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0098", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0098", }, { cve: "CVE-2022-0099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0099", }, ], notes: [ { category: "general", text: "Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0099", url: "https://www.suse.com/security/cve/CVE-2022-0099", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0099", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0099", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0099", }, { cve: "CVE-2022-0100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0100", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0100", url: "https://www.suse.com/security/cve/CVE-2022-0100", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0100", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0100", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0100", }, { cve: "CVE-2022-0101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0101", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0101", url: "https://www.suse.com/security/cve/CVE-2022-0101", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0101", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0101", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0101", }, { cve: "CVE-2022-0102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0102", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0102", url: "https://www.suse.com/security/cve/CVE-2022-0102", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0102", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0102", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0102", }, { cve: "CVE-2022-0103", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0103", }, ], notes: [ { category: "general", text: "Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0103", url: "https://www.suse.com/security/cve/CVE-2022-0103", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0103", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0103", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0103", }, { cve: "CVE-2022-0104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0104", }, ], notes: [ { category: "general", text: "Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0104", url: "https://www.suse.com/security/cve/CVE-2022-0104", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0104", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0104", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0104", }, { cve: "CVE-2022-0105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0105", }, ], notes: [ { category: "general", text: "Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0105", url: "https://www.suse.com/security/cve/CVE-2022-0105", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0105", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0105", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0105", }, { cve: "CVE-2022-0106", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0106", }, ], notes: [ { category: "general", text: "Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0106", url: "https://www.suse.com/security/cve/CVE-2022-0106", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0106", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0106", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0106", }, { cve: "CVE-2022-0107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0107", }, ], notes: [ { category: "general", text: "Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0107", url: "https://www.suse.com/security/cve/CVE-2022-0107", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0107", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0107", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0107", }, { cve: "CVE-2022-0108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0108", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0108", url: "https://www.suse.com/security/cve/CVE-2022-0108", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0108", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1210731 for CVE-2022-0108", url: "https://bugzilla.suse.com/1210731", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0108", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0108", }, { cve: "CVE-2022-0109", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0109", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0109", url: "https://www.suse.com/security/cve/CVE-2022-0109", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0109", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0109", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0109", }, { cve: "CVE-2022-0110", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0110", }, ], notes: [ { category: "general", text: "Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0110", url: "https://www.suse.com/security/cve/CVE-2022-0110", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0110", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0110", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0110", }, { cve: "CVE-2022-0111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0111", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0111", url: "https://www.suse.com/security/cve/CVE-2022-0111", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0111", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0111", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0111", }, { cve: "CVE-2022-0112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0112", }, ], notes: [ { category: "general", text: "Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0112", url: "https://www.suse.com/security/cve/CVE-2022-0112", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0112", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0112", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0112", }, { cve: "CVE-2022-0113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0113", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0113", url: "https://www.suse.com/security/cve/CVE-2022-0113", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0113", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0113", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0113", }, { cve: "CVE-2022-0114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0114", }, ], notes: [ { category: "general", text: "Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0114", url: "https://www.suse.com/security/cve/CVE-2022-0114", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0114", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0114", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0114", }, { cve: "CVE-2022-0115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0115", }, ], notes: [ { category: "general", text: "Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0115", url: "https://www.suse.com/security/cve/CVE-2022-0115", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0115", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0115", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0115", }, { cve: "CVE-2022-0116", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0116", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0116", url: "https://www.suse.com/security/cve/CVE-2022-0116", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0116", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0116", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0116", }, { cve: "CVE-2022-0117", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0117", }, ], notes: [ { category: "general", text: "Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0117", url: "https://www.suse.com/security/cve/CVE-2022-0117", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0117", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0117", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0117", }, { cve: "CVE-2022-0118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0118", }, ], notes: [ { category: "general", text: "Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0118", url: "https://www.suse.com/security/cve/CVE-2022-0118", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0118", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0118", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0118", }, { cve: "CVE-2022-0120", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0120", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0120", url: "https://www.suse.com/security/cve/CVE-2022-0120", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0120", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0120", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0120", }, { cve: "CVE-2022-0289", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0289", }, ], notes: [ { category: "general", text: "Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0289", url: "https://www.suse.com/security/cve/CVE-2022-0289", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0289", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0289", }, { cve: "CVE-2022-0290", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0290", }, ], notes: [ { category: "general", text: "Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0290", url: "https://www.suse.com/security/cve/CVE-2022-0290", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0290", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0290", }, { cve: "CVE-2022-0291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0291", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0291", url: "https://www.suse.com/security/cve/CVE-2022-0291", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0291", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0291", }, { cve: "CVE-2022-0292", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0292", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0292", url: "https://www.suse.com/security/cve/CVE-2022-0292", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0292", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0292", }, { cve: "CVE-2022-0293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0293", }, ], notes: [ { category: "general", text: "Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0293", url: "https://www.suse.com/security/cve/CVE-2022-0293", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0293", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0293", }, { cve: "CVE-2022-0294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0294", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0294", url: "https://www.suse.com/security/cve/CVE-2022-0294", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0294", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0294", }, { cve: "CVE-2022-0295", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0295", }, ], notes: [ { category: "general", text: "Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0295", url: "https://www.suse.com/security/cve/CVE-2022-0295", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0295", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0295", }, { cve: "CVE-2022-0296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0296", }, ], notes: [ { category: "general", text: "Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0296", url: "https://www.suse.com/security/cve/CVE-2022-0296", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0296", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0296", }, { cve: "CVE-2022-0297", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0297", }, ], notes: [ { category: "general", text: "Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0297", url: "https://www.suse.com/security/cve/CVE-2022-0297", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0297", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0297", }, { cve: "CVE-2022-0298", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0298", }, ], notes: [ { category: "general", text: "Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0298", url: "https://www.suse.com/security/cve/CVE-2022-0298", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0298", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0298", }, { cve: "CVE-2022-0300", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0300", }, ], notes: [ { category: "general", text: "Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0300", url: "https://www.suse.com/security/cve/CVE-2022-0300", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0300", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0300", }, { cve: "CVE-2022-0301", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0301", }, ], notes: [ { category: "general", text: "Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0301", url: "https://www.suse.com/security/cve/CVE-2022-0301", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0301", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0301", }, { cve: "CVE-2022-0302", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0302", }, ], notes: [ { category: "general", text: "Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0302", url: "https://www.suse.com/security/cve/CVE-2022-0302", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0302", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0302", }, { cve: "CVE-2022-0304", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0304", }, ], notes: [ { category: "general", text: "Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0304", url: "https://www.suse.com/security/cve/CVE-2022-0304", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0304", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0304", }, { cve: "CVE-2022-0305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0305", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0305", url: "https://www.suse.com/security/cve/CVE-2022-0305", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0305", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0305", }, { cve: "CVE-2022-0306", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0306", }, ], notes: [ { category: "general", text: "Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0306", url: "https://www.suse.com/security/cve/CVE-2022-0306", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0306", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0306", }, { cve: "CVE-2022-0307", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0307", }, ], notes: [ { category: "general", text: "Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0307", url: "https://www.suse.com/security/cve/CVE-2022-0307", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0307", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0307", }, { cve: "CVE-2022-0308", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0308", }, ], notes: [ { category: "general", text: "Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0308", url: "https://www.suse.com/security/cve/CVE-2022-0308", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0308", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0308", }, { cve: "CVE-2022-0309", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0309", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0309", url: "https://www.suse.com/security/cve/CVE-2022-0309", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0309", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0309", }, { cve: "CVE-2022-0310", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0310", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0310", url: "https://www.suse.com/security/cve/CVE-2022-0310", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0310", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0310", }, { cve: "CVE-2022-0311", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0311", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0311", url: "https://www.suse.com/security/cve/CVE-2022-0311", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0311", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0311", }, { cve: "CVE-2022-0452", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0452", }, ], notes: [ { category: "general", text: "Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0452", url: "https://www.suse.com/security/cve/CVE-2022-0452", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0452", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0452", }, { cve: "CVE-2022-0453", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0453", }, ], notes: [ { category: "general", text: "Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0453", url: "https://www.suse.com/security/cve/CVE-2022-0453", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0453", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0453", }, { cve: "CVE-2022-0454", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0454", }, ], notes: [ { category: "general", text: "Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0454", url: "https://www.suse.com/security/cve/CVE-2022-0454", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0454", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0454", }, { cve: "CVE-2022-0455", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0455", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0455", url: "https://www.suse.com/security/cve/CVE-2022-0455", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0455", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0455", }, { cve: "CVE-2022-0456", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0456", }, ], notes: [ { category: "general", text: "Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0456", url: "https://www.suse.com/security/cve/CVE-2022-0456", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0456", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0456", }, { cve: "CVE-2022-0457", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0457", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0457", url: "https://www.suse.com/security/cve/CVE-2022-0457", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0457", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0457", }, { cve: "CVE-2022-0458", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0458", }, ], notes: [ { category: "general", text: "Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0458", url: "https://www.suse.com/security/cve/CVE-2022-0458", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0458", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0458", }, { cve: "CVE-2022-0459", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0459", }, ], notes: [ { category: "general", text: "Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0459", url: "https://www.suse.com/security/cve/CVE-2022-0459", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0459", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0459", }, { cve: "CVE-2022-0460", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0460", }, ], notes: [ { category: "general", text: "Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0460", url: "https://www.suse.com/security/cve/CVE-2022-0460", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0460", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0460", }, { cve: "CVE-2022-0461", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0461", }, ], notes: [ { category: "general", text: "Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0461", url: "https://www.suse.com/security/cve/CVE-2022-0461", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0461", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0461", }, { cve: "CVE-2022-0462", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0462", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0462", url: "https://www.suse.com/security/cve/CVE-2022-0462", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0462", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0462", }, { cve: "CVE-2022-0463", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0463", }, ], notes: [ { category: "general", text: "Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0463", url: "https://www.suse.com/security/cve/CVE-2022-0463", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0463", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0463", }, { cve: "CVE-2022-0464", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0464", }, ], notes: [ { category: "general", text: "Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0464", url: "https://www.suse.com/security/cve/CVE-2022-0464", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0464", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0464", }, { cve: "CVE-2022-0465", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0465", }, ], notes: [ { category: "general", text: "Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0465", url: "https://www.suse.com/security/cve/CVE-2022-0465", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0465", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0465", }, { cve: "CVE-2022-0466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0466", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0466", url: "https://www.suse.com/security/cve/CVE-2022-0466", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0466", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0466", }, { cve: "CVE-2022-0467", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0467", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0467", url: "https://www.suse.com/security/cve/CVE-2022-0467", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0467", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0467", }, { cve: "CVE-2022-0468", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0468", }, ], notes: [ { category: "general", text: "Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0468", url: "https://www.suse.com/security/cve/CVE-2022-0468", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0468", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0468", }, { cve: "CVE-2022-0469", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0469", }, ], notes: [ { category: "general", text: "Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0469", url: "https://www.suse.com/security/cve/CVE-2022-0469", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0469", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0469", }, { cve: "CVE-2022-0470", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0470", }, ], notes: [ { category: "general", text: "Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0470", url: "https://www.suse.com/security/cve/CVE-2022-0470", }, { category: "external", summary: "SUSE Bug 1195420 for CVE-2022-0470", url: "https://bugzilla.suse.com/1195420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0470", }, { cve: "CVE-2022-0603", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0603", }, ], notes: [ { category: "general", text: "Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0603", url: "https://www.suse.com/security/cve/CVE-2022-0603", }, { category: "external", summary: "SUSE Bug 1195986 for CVE-2022-0603", url: "https://bugzilla.suse.com/1195986", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-0603", }, { cve: "CVE-2022-0604", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0604", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0604", url: "https://www.suse.com/security/cve/CVE-2022-0604", }, { category: "external", summary: "SUSE Bug 1195986 for CVE-2022-0604", url: "https://bugzilla.suse.com/1195986", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-0604", }, { cve: "CVE-2022-0605", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0605", }, ], notes: [ { category: "general", text: "Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0605", url: "https://www.suse.com/security/cve/CVE-2022-0605", }, { category: "external", summary: "SUSE Bug 1195986 for CVE-2022-0605", url: "https://bugzilla.suse.com/1195986", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-0605", }, { cve: "CVE-2022-0606", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0606", }, ], notes: [ { category: "general", text: "Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0606", url: "https://www.suse.com/security/cve/CVE-2022-0606", }, { category: "external", summary: "SUSE Bug 1195986 for CVE-2022-0606", url: "https://bugzilla.suse.com/1195986", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-0606", }, { cve: "CVE-2022-0607", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0607", }, ], notes: [ { category: "general", text: "Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0607", url: "https://www.suse.com/security/cve/CVE-2022-0607", }, { category: "external", summary: "SUSE Bug 1195986 for CVE-2022-0607", url: "https://bugzilla.suse.com/1195986", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-0607", }, { cve: "CVE-2022-0608", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0608", }, ], notes: [ { category: "general", text: "Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0608", url: "https://www.suse.com/security/cve/CVE-2022-0608", }, { category: "external", summary: "SUSE Bug 1195986 for CVE-2022-0608", url: "https://bugzilla.suse.com/1195986", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-0608", }, { cve: "CVE-2022-0609", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0609", }, ], notes: [ { category: "general", text: "Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0609", url: "https://www.suse.com/security/cve/CVE-2022-0609", }, { category: "external", summary: "SUSE Bug 1195986 for CVE-2022-0609", url: "https://bugzilla.suse.com/1195986", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-0609", }, { cve: "CVE-2022-0610", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0610", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0610", url: "https://www.suse.com/security/cve/CVE-2022-0610", }, { category: "external", summary: "SUSE Bug 1195986 for CVE-2022-0610", url: "https://bugzilla.suse.com/1195986", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-0610", }, { cve: "CVE-2022-0789", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0789", }, ], notes: [ { category: "general", text: "Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0789", url: "https://www.suse.com/security/cve/CVE-2022-0789", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0789", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0789", }, { cve: "CVE-2022-0790", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0790", }, ], notes: [ { category: "general", text: "Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0790", url: "https://www.suse.com/security/cve/CVE-2022-0790", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0790", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0790", }, { cve: "CVE-2022-0791", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0791", }, ], notes: [ { category: "general", text: "Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0791", url: "https://www.suse.com/security/cve/CVE-2022-0791", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0791", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0791", }, { cve: "CVE-2022-0792", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0792", }, ], notes: [ { category: "general", text: "Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0792", url: "https://www.suse.com/security/cve/CVE-2022-0792", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0792", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0792", }, { cve: "CVE-2022-0793", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0793", }, ], notes: [ { category: "general", text: "Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0793", url: "https://www.suse.com/security/cve/CVE-2022-0793", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0793", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0793", }, { cve: "CVE-2022-0794", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0794", }, ], notes: [ { category: "general", text: "Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0794", url: "https://www.suse.com/security/cve/CVE-2022-0794", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0794", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0794", }, { cve: "CVE-2022-0795", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0795", }, ], notes: [ { category: "general", text: "Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0795", url: "https://www.suse.com/security/cve/CVE-2022-0795", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0795", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0795", }, { cve: "CVE-2022-0796", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0796", }, ], notes: [ { category: "general", text: "Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0796", url: "https://www.suse.com/security/cve/CVE-2022-0796", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0796", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0796", }, { cve: "CVE-2022-0797", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0797", }, ], notes: [ { category: "general", text: "Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0797", url: "https://www.suse.com/security/cve/CVE-2022-0797", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0797", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0797", }, { cve: "CVE-2022-0798", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0798", }, ], notes: [ { category: "general", text: "Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0798", url: "https://www.suse.com/security/cve/CVE-2022-0798", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0798", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0798", }, { cve: "CVE-2022-0799", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0799", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0799", url: "https://www.suse.com/security/cve/CVE-2022-0799", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0799", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0799", }, { cve: "CVE-2022-0800", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0800", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0800", url: "https://www.suse.com/security/cve/CVE-2022-0800", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0800", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0800", }, { cve: "CVE-2022-0801", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0801", }, ], notes: [ { category: "general", text: "Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0801", url: "https://www.suse.com/security/cve/CVE-2022-0801", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0801", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0801", }, { cve: "CVE-2022-0802", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0802", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0802", url: "https://www.suse.com/security/cve/CVE-2022-0802", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0802", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0802", }, { cve: "CVE-2022-0803", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0803", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0803", url: "https://www.suse.com/security/cve/CVE-2022-0803", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0803", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0803", }, { cve: "CVE-2022-0804", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0804", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0804", url: "https://www.suse.com/security/cve/CVE-2022-0804", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0804", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0804", }, { cve: "CVE-2022-0805", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0805", }, ], notes: [ { category: "general", text: "Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0805", url: "https://www.suse.com/security/cve/CVE-2022-0805", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0805", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0805", }, { cve: "CVE-2022-0806", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0806", }, ], notes: [ { category: "general", text: "Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0806", url: "https://www.suse.com/security/cve/CVE-2022-0806", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0806", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0806", }, { cve: "CVE-2022-0807", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0807", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0807", url: "https://www.suse.com/security/cve/CVE-2022-0807", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0807", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0807", }, { cve: "CVE-2022-0808", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0808", }, ], notes: [ { category: "general", text: "Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0808", url: "https://www.suse.com/security/cve/CVE-2022-0808", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0808", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0808", }, { cve: "CVE-2022-0809", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0809", }, ], notes: [ { category: "general", text: "Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0809", url: "https://www.suse.com/security/cve/CVE-2022-0809", }, { category: "external", summary: "SUSE Bug 1196641 for CVE-2022-0809", url: "https://bugzilla.suse.com/1196641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "critical", }, ], title: "CVE-2022-0809", }, { cve: "CVE-2022-1096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1096", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1096", url: "https://www.suse.com/security/cve/CVE-2022-1096", }, { category: "external", summary: "SUSE Bug 1197552 for CVE-2022-1096", url: "https://bugzilla.suse.com/1197552", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.4 NonFree:opera-85.0.4341.28-lp154.2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-08T14:01:17Z", details: "important", }, ], title: "CVE-2022-1096", }, ], }
gsd-2021-38004
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Aliases
Aliases
{ GSD: { alias: "CVE-2021-38004", description: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", id: "GSD-2021-38004", references: [ "https://www.debian.org/security/2022/dsa-5046", "https://security.archlinux.org/CVE-2021-38004", "https://www.suse.com/security/cve/CVE-2021-38004.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2021-38004", ], details: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", id: "GSD-2021-38004", modified: "2023-12-13T01:23:17.418629Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2021-38004", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "95.0.4638.69", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", }, { name: "https://crbug.com/1227170", refsource: "MISC", url: "https://crbug.com/1227170", }, { name: "DSA-5046", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5046", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "95.0.4638.69", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2021-38004", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-668", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", refsource: "MISC", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", }, { name: "https://crbug.com/1227170", refsource: "MISC", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1227170", }, { name: "DSA-5046", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5046", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: true, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, }, }, lastModifiedDate: "2022-02-18T16:41Z", publishedDate: "2021-11-23T22:15Z", }, }, }
fkie_cve-2021-38004
Vulnerability from fkie_nvd
Published
2021-11-23 22:15
Modified
2024-11-21 06:16
Severity ?
Summary
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| chrome-cve-admin@google.com | https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html | Release Notes, Vendor Advisory | |
| chrome-cve-admin@google.com | https://crbug.com/1227170 | Permissions Required, Vendor Advisory | |
| chrome-cve-admin@google.com | https://www.debian.org/security/2022/dsa-5046 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://crbug.com/1227170 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5046 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "B625BE9F-2418-44C9-8974-DFD6430CBD46", versionEndExcluding: "95.0.4638.69", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de políticas en Autofill en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada", }, ], id: "CVE-2021-38004", lastModified: "2024-11-21T06:16:14.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-23T22:15:07.980", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1227170", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5046", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1227170", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5046", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-668", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-mhw5-2mx2-2jh7
Vulnerability from github
Published
2021-11-24 00:00
Modified
2022-01-16 00:01
Details
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
{ affected: [], aliases: [ "CVE-2021-38004", ], database_specific: { cwe_ids: [ "CWE-668", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2021-11-23T22:15:00Z", severity: "MODERATE", }, details: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", id: "GHSA-mhw5-2mx2-2jh7", modified: "2022-01-16T00:01:31Z", published: "2021-11-24T00:00:27Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-38004", }, { type: "WEB", url: "https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html", }, { type: "WEB", url: "https://crbug.com/1227170", }, { type: "WEB", url: "https://www.debian.org/security/2022/dsa-5046", }, ], schema_version: "1.4.0", severity: [], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.