Vulnerability from csaf_opensuse
Published
2022-02-20 17:01
Modified
2022-02-20 17:01
Summary
Security update for opera
Notes
Title of the patch
Security update for opera
Description of the patch
This update for opera fixes the following issues:
Update to 83.0.4254.27
- CHR-8737 Update chromium on desktop-stable-97-4254 to
97.0.4692.99
- DNA-96336 [Mac] Translate new network installer slogan
- DNA-96678 Add battery level monitoring capability to
powerSavePrivate
- DNA-96939 Crash at
opera::ExternalVideoService::MarkAsManuallyClosed()
- DNA-97276 Enable #static-tab-audio-indicator on all streams
- The update to chromium 97.0.4692.99 fixes following issues:
CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292,
CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296,
CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301,
CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306,
CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310,
CVE-2022-0311
Update to 83.0.4254.19
- DNA-96079 Turn on #automatic-video-popout on developer
- DNA-97070 Opera 83 translations
- DNA-97119 [LastCard] Stop showing used burner cards
- DNA-97131 Enable automatic-video-popout on all streams from
O84 on
- DNA-97257 Crash at
views::ImageButton::SetMinimumImageSize(gfx::Size const&)
- DNA-97259 Promote O83 to stable
- Complete Opera 83.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-83/
- Update to 83.0.4254.16
- DNA-96968 Fix alignment of the 'Advanced' button in Settings
- Update to 83.0.4254.14
- CHR-8701 Update chromium on desktop-stable-97-4254 to
97.0.4692.45
- CHR-8713 Update chromium on desktop-stable-97-4254 to
97.0.4692.56
- CHR-8723 Update chromium on desktop-stable-97-4254 to
97.0.4692.71
- DNA-96780 Crash at
ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)
- DNA-96822 Tab close resize behavior change
- DNA-96861 Create Loomi Options menu
- DNA-96904 Support Win11 snap layout popup
- DNA-96951 Tab close animation broken
- DNA-96991 Tab X button doesn’t work correctly
- DNA-97027 Incorrect tab size after tab close
- The update to chromium 97.0.4692.71 fixes following issues:
CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099,
CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103,
CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106,
CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110,
CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113,
CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117,
CVE-2022-0118, CVE-2022-0120
- Update to version 82.0.4227.58
- DNA-96780 Crash at
ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)
- DNA-96890 Settings default browser not working for current
user on Windows 7
- Update to version 82.0.4227.43
- CHR-8705 Update chromium on desktop-stable-96-4227 to
96.0.4664.110
- DNA-93284 Unstable
obj/opera/desktop/common/installer_rc_generated/installer.res
- DNA-95908 Interstitial/internal pages shown as NOT SECURE
after visiting http site
- DNA-96404 Opera doesn’t show on main screen when second screen
is abruptly disconnected
- The update to chromium 96.0.4664.110 fixes following issues:
CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101,
CVE-2021-4102
- Update to version 82.0.4227.33
- CHR-8689 Update chromium on desktop-stable-96-4227 to
96.0.4664.93
- DNA-96559 Tooltip popup looks bad in dark theme
- DNA-96570 [Player] Tidal logging in via PLAY doesn’t work
- DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks
- DNA-96649 Update Meme button
- DNA-96676 Add Icon in the Sidebar Setup
- DNA-96677 Add default URL
- The update to chromium 96.0.4664.93 fixes following issues:
CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054,
CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057,
CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062,
CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066,
CVE-2021-4067, CVE-2021-4068
- Update to version 82.0.4227.23
- DNA-95632 With new au-logic UUID is set with delay and may be
not set for pb-builds (when closing fast)
- DNA-96349 Laggy tooltip animation
- DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap
version for Opera 82
- DNA-96493 Create 'small' enticement in credit card autofill
- DNA-96533 Opera 82 translations
- DNA-96535 Make the URL configurable
- DNA-96553 Add switch to whitelist test pages
- DNA-96557 Links not opened from panel
- DNA-96558 AdBlock bloks some trackers inside the panel
- DNA-96568 [Player] Tidal in sidebar Player opens wrong site
when logging in
- DNA-96659 Siteprefs not applied after network service crash
- DNA-96593 Promote O82 to stable
- Complete Opera 82.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-82/
- Update to version 82.0.4227.13
- CHR-8668 Update chromium on desktop-stable-96-4227 to
96.0.4664.45
- DNA-76987 [Mac] Update desktop EULA with geolocation split
- DNA-93388 Problem with symlinks on windows when creating
file list
- DNA-95734 Discarded Recently Closed items get revived
after restart
- DNA-96134 'Your profile has been updated' does not disappear
- DNA-96190 Opera freezes when trying to drag expanded
bookmark folder with nested subfolders
- DNA-96223 Easy Files not working in Full Screen
- DNA-96274 Checkout autofill shouldn't show used burner card
- DNA-96275 Change the notification message for pausing
multi-use cards
- DNA-96295 'Video pop out' setting doesn't sync
- DNA-96316 Highlight text wrong colour on dark mode
- DNA-96326 Wrong translation Private Mode > Turkish
- DNA-96351 macOS window controls are missing in full screen
- DNA-96440 Update video URL
- DNA-96448 add option to pin extension via rich hints
- DNA-96453 Register user-chosen option on client-side, read on
hint side
- DNA-96454 Choosing an option from the settings menu should
close the popup
- DNA-96484 Enable AB test for a new autoupdater logic (for 50%)
- DNA-96500 Add 'don't show me again' prefs to allowed whitelist
- DNA-96538 Inline audiocomplete for www.mediaexpert.pl
incorrectly suggested
- The update to chromium 96.0.4664.45 fixes following issues:
CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008,
CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012,
CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016,
CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021,
CVE-2021-38022
- Update to version 81.0.4196.54
- CHR-8644 Update chromium on desktop-stable-95-4196 to
95.0.4638.69
- DNA-95773 ExtensionWebRequestApiTest crashes on mac
- DNA-96062 Opera 81 translations
- DNA-96134 “Your profile has been updated’ does not disappear
- DNA-96274 Checkout autofill shouldn’t show used burner card
- DNA-96275 Change the notification message for pausing
multi-use cards
- DNA-96440 Update video URL
- The update to chromium 95.0.4638.69 fixes following issues:
CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980,
CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004
- Update to version 81.0.4196.37
- DNA-96008 Crash at
content::WebContentsImpl::OpenURL(content::OpenURLParams const&)
- DNA-96032 Closing the videoconference pop-up force leaving
the meeting
- DNA-96092 Crash at void
opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result)
- DNA-96142 [Yat] Emoji icon cut off in URL for Yat
Patchnames
openSUSE-2022-47
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for opera", title: "Title of the patch", }, { category: "description", text: "This update for opera fixes the following issues:\n\nUpdate to 83.0.4254.27\n\n - CHR-8737 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.99\n - DNA-96336 [Mac] Translate new network installer slogan\n - DNA-96678 Add battery level monitoring capability to\n powerSavePrivate\n - DNA-96939 Crash at \n opera::ExternalVideoService::MarkAsManuallyClosed()\n - DNA-97276 Enable #static-tab-audio-indicator on all streams\n\n- The update to chromium 97.0.4692.99 fixes following issues:\n CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292,\n CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296,\n CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301,\n CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306,\n CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310,\n CVE-2022-0311\n\nUpdate to 83.0.4254.19\n\n - DNA-96079 Turn on #automatic-video-popout on developer\n - DNA-97070 Opera 83 translations\n - DNA-97119 [LastCard] Stop showing used burner cards\n - DNA-97131 Enable automatic-video-popout on all streams from\n O84 on\n - DNA-97257 Crash at \n views::ImageButton::SetMinimumImageSize(gfx::Size const&)\n - DNA-97259 Promote O83 to stable\n\n- Complete Opera 83.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-83/\n\n- Update to 83.0.4254.16\n\n - DNA-96968 Fix alignment of the 'Advanced' button in Settings\n\n- Update to 83.0.4254.14\n\n - CHR-8701 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.45\n - CHR-8713 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.56\n - CHR-8723 Update chromium on desktop-stable-97-4254 to\n 97.0.4692.71\n - DNA-96780 Crash at\n ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)\n - DNA-96822 Tab close resize behavior change\n - DNA-96861 Create Loomi Options menu\n - DNA-96904 Support Win11 snap layout popup\n - DNA-96951 Tab close animation broken\n - DNA-96991 Tab X button doesn’t work correctly\n - DNA-97027 Incorrect tab size after tab close\n- The update to chromium 97.0.4692.71 fixes following issues:\n CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099,\n CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103,\n CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106,\n CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110,\n CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113,\n CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117,\n CVE-2022-0118, CVE-2022-0120\n\n- Update to version 82.0.4227.58\n\n - DNA-96780 Crash at\n ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)\n - DNA-96890 Settings default browser not working for current\n user on Windows 7\n\n- Update to version 82.0.4227.43\n\n - CHR-8705 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.110\n - DNA-93284 Unstable\n obj/opera/desktop/common/installer_rc_generated/installer.res\n - DNA-95908 Interstitial/internal pages shown as NOT SECURE\n after visiting http site\n - DNA-96404 Opera doesn’t show on main screen when second screen\n is abruptly disconnected\n\n- The update to chromium 96.0.4664.110 fixes following issues:\n CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101,\n CVE-2021-4102\n\n- Update to version 82.0.4227.33\n\n - CHR-8689 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.93\n - DNA-96559 Tooltip popup looks bad in dark theme\n - DNA-96570 [Player] Tidal logging in via PLAY doesn’t work\n - DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks\n - DNA-96649 Update Meme button\n - DNA-96676 Add Icon in the Sidebar Setup\n - DNA-96677 Add default URL\n- The update to chromium 96.0.4664.93 fixes following issues:\n CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054,\n CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057,\n CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062,\n CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066,\n CVE-2021-4067, CVE-2021-4068\n\n- Update to version 82.0.4227.23\n\n - DNA-95632 With new au-logic UUID is set with delay and may be\n not set for pb-builds (when closing fast)\n - DNA-96349 Laggy tooltip animation\n - DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap\n version for Opera 82\n - DNA-96493 Create 'small' enticement in credit card autofill\n - DNA-96533 Opera 82 translations\n - DNA-96535 Make the URL configurable\n - DNA-96553 Add switch to whitelist test pages\n - DNA-96557 Links not opened from panel\n - DNA-96558 AdBlock bloks some trackers inside the panel\n - DNA-96568 [Player] Tidal in sidebar Player opens wrong site\n when logging in\n - DNA-96659 Siteprefs not applied after network service crash\n - DNA-96593 Promote O82 to stable\n\n- Complete Opera 82.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-82/\n\n- Update to version 82.0.4227.13\n\n - CHR-8668 Update chromium on desktop-stable-96-4227 to\n 96.0.4664.45\n - DNA-76987 [Mac] Update desktop EULA with geolocation split\n - DNA-93388 Problem with symlinks on windows when creating\n file list\n - DNA-95734 Discarded Recently Closed items get revived\n after restart\n - DNA-96134 'Your profile has been updated' does not disappear\n - DNA-96190 Opera freezes when trying to drag expanded\n bookmark folder with nested subfolders\n - DNA-96223 Easy Files not working in Full Screen\n - DNA-96274 Checkout autofill shouldn't show used burner card\n - DNA-96275 Change the notification message for pausing\n multi-use cards\n - DNA-96295 'Video pop out' setting doesn't sync\n - DNA-96316 Highlight text wrong colour on dark mode\n - DNA-96326 Wrong translation Private Mode > Turkish\n - DNA-96351 macOS window controls are missing in full screen\n - DNA-96440 Update video URL\n - DNA-96448 add option to pin extension via rich hints\n - DNA-96453 Register user-chosen option on client-side, read on\n hint side\n - DNA-96454 Choosing an option from the settings menu should\n close the popup\n - DNA-96484 Enable AB test for a new autoupdater logic (for 50%)\n - DNA-96500 Add 'don't show me again' prefs to allowed whitelist\n - DNA-96538 Inline audiocomplete for www.mediaexpert.pl\n incorrectly suggested\n- The update to chromium 96.0.4664.45 fixes following issues:\n CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008,\n CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012,\n CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016,\n CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021,\n CVE-2021-38022\n \n\n- Update to version 81.0.4196.54\n\n - CHR-8644 Update chromium on desktop-stable-95-4196 to\n 95.0.4638.69\n - DNA-95773 ExtensionWebRequestApiTest crashes on mac\n - DNA-96062 Opera 81 translations\n - DNA-96134 “Your profile has been updated’ does not disappear\n - DNA-96274 Checkout autofill shouldn’t show used burner card\n - DNA-96275 Change the notification message for pausing\n multi-use cards\n - DNA-96440 Update video URL\n\n- The update to chromium 95.0.4638.69 fixes following issues:\n CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980,\n CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004 \n\n- Update to version 81.0.4196.37\n\n - DNA-96008 Crash at\n content::WebContentsImpl::OpenURL(content::OpenURLParams const&)\n - DNA-96032 Closing the videoconference pop-up force leaving\n the meeting\n - DNA-96092 Crash at void\n opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result)\n - DNA-96142 [Yat] Emoji icon cut off in URL for Yat\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2022-47", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0047-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2022:0047-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JVEGWNKSSGZPVVLVJKNT5ZEY54Z5RLV4/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2022:0047-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JVEGWNKSSGZPVVLVJKNT5ZEY54Z5RLV4/", }, { category: "self", summary: "SUSE CVE CVE-2021-37980 page", url: "https://www.suse.com/security/cve/CVE-2021-37980/", }, { category: "self", summary: "SUSE CVE CVE-2021-37997 page", url: "https://www.suse.com/security/cve/CVE-2021-37997/", }, { category: "self", summary: "SUSE CVE CVE-2021-37998 page", url: "https://www.suse.com/security/cve/CVE-2021-37998/", }, { category: "self", summary: "SUSE CVE CVE-2021-37999 page", url: "https://www.suse.com/security/cve/CVE-2021-37999/", }, { category: "self", summary: "SUSE CVE CVE-2021-38001 page", url: "https://www.suse.com/security/cve/CVE-2021-38001/", }, { category: "self", summary: "SUSE CVE CVE-2021-38002 page", url: "https://www.suse.com/security/cve/CVE-2021-38002/", }, { category: "self", summary: "SUSE CVE CVE-2021-38003 page", url: "https://www.suse.com/security/cve/CVE-2021-38003/", }, { category: "self", summary: "SUSE CVE CVE-2021-38004 page", url: "https://www.suse.com/security/cve/CVE-2021-38004/", }, { category: "self", summary: "SUSE CVE CVE-2021-38005 page", url: "https://www.suse.com/security/cve/CVE-2021-38005/", }, { category: "self", summary: "SUSE CVE CVE-2021-38006 page", url: "https://www.suse.com/security/cve/CVE-2021-38006/", }, { category: "self", summary: "SUSE CVE CVE-2021-38007 page", url: "https://www.suse.com/security/cve/CVE-2021-38007/", }, { category: "self", summary: "SUSE CVE CVE-2021-38008 page", url: "https://www.suse.com/security/cve/CVE-2021-38008/", }, { category: "self", summary: "SUSE CVE CVE-2021-38009 page", url: "https://www.suse.com/security/cve/CVE-2021-38009/", }, { category: "self", summary: "SUSE CVE CVE-2021-38010 page", url: "https://www.suse.com/security/cve/CVE-2021-38010/", }, { category: "self", summary: "SUSE CVE CVE-2021-38011 page", url: "https://www.suse.com/security/cve/CVE-2021-38011/", }, { category: "self", summary: "SUSE CVE CVE-2021-38012 page", url: "https://www.suse.com/security/cve/CVE-2021-38012/", }, { category: "self", summary: "SUSE CVE CVE-2021-38013 page", url: "https://www.suse.com/security/cve/CVE-2021-38013/", }, { category: "self", summary: "SUSE CVE CVE-2021-38014 page", url: "https://www.suse.com/security/cve/CVE-2021-38014/", }, { category: "self", summary: "SUSE CVE CVE-2021-38015 page", url: "https://www.suse.com/security/cve/CVE-2021-38015/", }, { category: "self", summary: "SUSE CVE CVE-2021-38016 page", url: "https://www.suse.com/security/cve/CVE-2021-38016/", }, { category: "self", summary: "SUSE CVE CVE-2021-38017 page", url: "https://www.suse.com/security/cve/CVE-2021-38017/", }, { category: "self", summary: "SUSE CVE CVE-2021-38019 page", url: "https://www.suse.com/security/cve/CVE-2021-38019/", }, { category: "self", summary: "SUSE CVE CVE-2021-38020 page", url: "https://www.suse.com/security/cve/CVE-2021-38020/", }, { category: "self", summary: "SUSE CVE CVE-2021-38021 page", url: "https://www.suse.com/security/cve/CVE-2021-38021/", }, { category: "self", summary: "SUSE CVE CVE-2021-38022 page", url: "https://www.suse.com/security/cve/CVE-2021-38022/", }, { category: "self", summary: "SUSE CVE CVE-2021-4052 page", url: "https://www.suse.com/security/cve/CVE-2021-4052/", }, { category: "self", summary: "SUSE CVE CVE-2021-4053 page", url: "https://www.suse.com/security/cve/CVE-2021-4053/", }, { category: "self", summary: "SUSE CVE CVE-2021-4054 page", url: "https://www.suse.com/security/cve/CVE-2021-4054/", }, { category: "self", summary: "SUSE CVE CVE-2021-4055 page", url: "https://www.suse.com/security/cve/CVE-2021-4055/", }, { category: "self", summary: "SUSE CVE CVE-2021-4056 page", url: "https://www.suse.com/security/cve/CVE-2021-4056/", }, { category: "self", summary: "SUSE CVE CVE-2021-4057 page", url: "https://www.suse.com/security/cve/CVE-2021-4057/", }, { category: "self", summary: "SUSE CVE CVE-2021-4058 page", url: "https://www.suse.com/security/cve/CVE-2021-4058/", }, { category: "self", summary: "SUSE CVE CVE-2021-4059 page", url: "https://www.suse.com/security/cve/CVE-2021-4059/", }, { category: "self", summary: "SUSE CVE CVE-2021-4061 page", url: "https://www.suse.com/security/cve/CVE-2021-4061/", }, { category: "self", summary: "SUSE CVE CVE-2021-4062 page", url: "https://www.suse.com/security/cve/CVE-2021-4062/", }, { category: "self", summary: "SUSE CVE CVE-2021-4063 page", url: "https://www.suse.com/security/cve/CVE-2021-4063/", }, { category: "self", summary: "SUSE CVE CVE-2021-4064 page", url: "https://www.suse.com/security/cve/CVE-2021-4064/", }, { category: "self", summary: "SUSE CVE CVE-2021-4065 page", url: "https://www.suse.com/security/cve/CVE-2021-4065/", }, { category: "self", summary: "SUSE CVE CVE-2021-4066 page", url: "https://www.suse.com/security/cve/CVE-2021-4066/", }, { category: "self", summary: "SUSE CVE CVE-2021-4067 page", url: "https://www.suse.com/security/cve/CVE-2021-4067/", }, { category: "self", summary: "SUSE CVE CVE-2021-4068 page", url: "https://www.suse.com/security/cve/CVE-2021-4068/", }, { category: "self", summary: "SUSE CVE CVE-2021-4078 page", url: "https://www.suse.com/security/cve/CVE-2021-4078/", }, { category: "self", summary: "SUSE CVE CVE-2021-4079 page", url: "https://www.suse.com/security/cve/CVE-2021-4079/", }, { category: "self", summary: "SUSE CVE CVE-2021-4098 page", url: "https://www.suse.com/security/cve/CVE-2021-4098/", }, { category: "self", summary: "SUSE CVE CVE-2021-4099 page", url: "https://www.suse.com/security/cve/CVE-2021-4099/", }, { category: "self", summary: "SUSE CVE CVE-2021-4100 page", url: "https://www.suse.com/security/cve/CVE-2021-4100/", }, { category: "self", summary: "SUSE CVE CVE-2021-4101 page", url: "https://www.suse.com/security/cve/CVE-2021-4101/", }, { category: "self", summary: "SUSE CVE CVE-2021-4102 page", url: "https://www.suse.com/security/cve/CVE-2021-4102/", }, { category: "self", summary: "SUSE CVE CVE-2022-0096 page", url: "https://www.suse.com/security/cve/CVE-2022-0096/", }, { category: "self", summary: "SUSE CVE CVE-2022-0097 page", url: "https://www.suse.com/security/cve/CVE-2022-0097/", }, { category: "self", summary: "SUSE CVE CVE-2022-0098 page", url: "https://www.suse.com/security/cve/CVE-2022-0098/", }, { category: "self", summary: "SUSE CVE CVE-2022-0099 page", url: "https://www.suse.com/security/cve/CVE-2022-0099/", }, { category: "self", summary: "SUSE CVE CVE-2022-0100 page", url: "https://www.suse.com/security/cve/CVE-2022-0100/", }, { category: "self", summary: "SUSE CVE CVE-2022-0101 page", url: "https://www.suse.com/security/cve/CVE-2022-0101/", }, { category: "self", summary: "SUSE CVE CVE-2022-0102 page", url: "https://www.suse.com/security/cve/CVE-2022-0102/", }, { category: "self", summary: "SUSE CVE CVE-2022-0103 page", url: "https://www.suse.com/security/cve/CVE-2022-0103/", }, { category: "self", summary: "SUSE CVE CVE-2022-0104 page", url: "https://www.suse.com/security/cve/CVE-2022-0104/", }, { category: "self", summary: "SUSE CVE CVE-2022-0105 page", url: "https://www.suse.com/security/cve/CVE-2022-0105/", }, { category: "self", summary: "SUSE CVE CVE-2022-0106 page", url: "https://www.suse.com/security/cve/CVE-2022-0106/", }, { category: "self", summary: "SUSE CVE CVE-2022-0107 page", url: "https://www.suse.com/security/cve/CVE-2022-0107/", }, { category: "self", summary: "SUSE CVE CVE-2022-0108 page", url: "https://www.suse.com/security/cve/CVE-2022-0108/", }, { category: "self", summary: "SUSE CVE CVE-2022-0109 page", url: "https://www.suse.com/security/cve/CVE-2022-0109/", }, { category: "self", summary: "SUSE CVE CVE-2022-0110 page", url: "https://www.suse.com/security/cve/CVE-2022-0110/", }, { category: "self", summary: "SUSE CVE CVE-2022-0111 page", url: "https://www.suse.com/security/cve/CVE-2022-0111/", }, { category: "self", summary: "SUSE CVE CVE-2022-0112 page", url: "https://www.suse.com/security/cve/CVE-2022-0112/", }, { category: "self", summary: "SUSE CVE CVE-2022-0113 page", url: "https://www.suse.com/security/cve/CVE-2022-0113/", }, { category: "self", summary: "SUSE CVE CVE-2022-0114 page", url: "https://www.suse.com/security/cve/CVE-2022-0114/", }, { category: "self", summary: "SUSE CVE CVE-2022-0115 page", url: "https://www.suse.com/security/cve/CVE-2022-0115/", }, { category: "self", summary: "SUSE CVE CVE-2022-0116 page", url: "https://www.suse.com/security/cve/CVE-2022-0116/", }, { category: "self", summary: "SUSE CVE CVE-2022-0117 page", url: "https://www.suse.com/security/cve/CVE-2022-0117/", }, { category: "self", summary: "SUSE CVE CVE-2022-0118 page", url: "https://www.suse.com/security/cve/CVE-2022-0118/", }, { category: "self", summary: "SUSE CVE CVE-2022-0120 page", url: "https://www.suse.com/security/cve/CVE-2022-0120/", }, { category: "self", summary: "SUSE CVE CVE-2022-0289 page", url: "https://www.suse.com/security/cve/CVE-2022-0289/", }, { category: "self", summary: "SUSE CVE CVE-2022-0290 page", url: "https://www.suse.com/security/cve/CVE-2022-0290/", }, { category: "self", summary: "SUSE CVE CVE-2022-0291 page", url: "https://www.suse.com/security/cve/CVE-2022-0291/", }, { category: "self", summary: "SUSE CVE CVE-2022-0292 page", url: "https://www.suse.com/security/cve/CVE-2022-0292/", }, { category: "self", summary: "SUSE CVE CVE-2022-0293 page", url: "https://www.suse.com/security/cve/CVE-2022-0293/", }, { category: "self", summary: "SUSE CVE CVE-2022-0294 page", url: "https://www.suse.com/security/cve/CVE-2022-0294/", }, { category: "self", summary: "SUSE CVE CVE-2022-0295 page", url: "https://www.suse.com/security/cve/CVE-2022-0295/", }, { category: "self", summary: "SUSE CVE CVE-2022-0296 page", url: "https://www.suse.com/security/cve/CVE-2022-0296/", }, { category: "self", summary: "SUSE CVE CVE-2022-0297 page", url: "https://www.suse.com/security/cve/CVE-2022-0297/", }, { category: "self", summary: "SUSE CVE CVE-2022-0298 page", url: "https://www.suse.com/security/cve/CVE-2022-0298/", }, { category: "self", summary: "SUSE CVE CVE-2022-0300 page", url: "https://www.suse.com/security/cve/CVE-2022-0300/", }, { category: "self", summary: "SUSE CVE CVE-2022-0301 page", url: "https://www.suse.com/security/cve/CVE-2022-0301/", }, { category: "self", summary: "SUSE CVE CVE-2022-0302 page", url: "https://www.suse.com/security/cve/CVE-2022-0302/", }, { category: "self", summary: "SUSE CVE CVE-2022-0304 page", url: "https://www.suse.com/security/cve/CVE-2022-0304/", }, { category: "self", summary: "SUSE CVE CVE-2022-0305 page", url: "https://www.suse.com/security/cve/CVE-2022-0305/", }, { category: "self", summary: "SUSE CVE CVE-2022-0306 page", url: "https://www.suse.com/security/cve/CVE-2022-0306/", }, { category: "self", summary: "SUSE CVE CVE-2022-0307 page", url: "https://www.suse.com/security/cve/CVE-2022-0307/", }, { category: "self", summary: "SUSE CVE CVE-2022-0308 page", url: "https://www.suse.com/security/cve/CVE-2022-0308/", }, { category: "self", summary: "SUSE CVE CVE-2022-0309 page", url: "https://www.suse.com/security/cve/CVE-2022-0309/", }, { category: "self", summary: "SUSE CVE CVE-2022-0310 page", url: "https://www.suse.com/security/cve/CVE-2022-0310/", }, { category: "self", summary: "SUSE CVE CVE-2022-0311 page", url: "https://www.suse.com/security/cve/CVE-2022-0311/", }, ], title: "Security update for opera", tracking: { current_release_date: "2022-02-20T17:01:21Z", generator: { date: "2022-02-20T17:01:21Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2022:0047-1", initial_release_date: "2022-02-20T17:01:21Z", revision_history: [ { date: "2022-02-20T17:01:21Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "opera-83.0.4254.27-lp153.2.33.1.x86_64", product: { name: "opera-83.0.4254.27-lp153.2.33.1.x86_64", product_id: "opera-83.0.4254.27-lp153.2.33.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.3 NonFree", product: { name: "openSUSE Leap 15.3 NonFree", product_id: "openSUSE Leap 15.3 NonFree", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "opera-83.0.4254.27-lp153.2.33.1.x86_64 as component of openSUSE Leap 15.3 NonFree", product_id: "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", }, product_reference: "opera-83.0.4254.27-lp153.2.33.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3 NonFree", }, ], }, vulnerabilities: [ { cve: "CVE-2021-37980", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37980", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37980", url: "https://www.suse.com/security/cve/CVE-2021-37980", }, { category: "external", summary: "SUSE Bug 1191463 for CVE-2021-37980", url: "https://bugzilla.suse.com/1191463", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "moderate", }, ], title: "CVE-2021-37980", }, { cve: "CVE-2021-37997", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37997", }, ], notes: [ { category: "general", text: "Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37997", url: "https://www.suse.com/security/cve/CVE-2021-37997", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37997", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-37997", }, { cve: "CVE-2021-37998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37998", }, ], notes: [ { category: "general", text: "Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37998", url: "https://www.suse.com/security/cve/CVE-2021-37998", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37998", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-37998", }, { cve: "CVE-2021-37999", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37999", }, ], notes: [ { category: "general", text: "Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37999", url: "https://www.suse.com/security/cve/CVE-2021-37999", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-37999", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-37999", }, { cve: "CVE-2021-38001", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38001", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38001", url: "https://www.suse.com/security/cve/CVE-2021-38001", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38001", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38001", }, { cve: "CVE-2021-38002", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38002", }, ], notes: [ { category: "general", text: "Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38002", url: "https://www.suse.com/security/cve/CVE-2021-38002", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38002", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38002", }, { cve: "CVE-2021-38003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38003", }, ], notes: [ { category: "general", text: "Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38003", url: "https://www.suse.com/security/cve/CVE-2021-38003", }, { category: "external", summary: "SUSE Bug 1192184 for CVE-2021-38003", url: "https://bugzilla.suse.com/1192184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38003", }, { cve: "CVE-2021-38004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38004", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38004", url: "https://www.suse.com/security/cve/CVE-2021-38004", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "moderate", }, ], title: "CVE-2021-38004", }, { cve: "CVE-2021-38005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38005", }, ], notes: [ { category: "general", text: "Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38005", url: "https://www.suse.com/security/cve/CVE-2021-38005", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38005", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38005", }, { cve: "CVE-2021-38006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38006", }, ], notes: [ { category: "general", text: "Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38006", url: "https://www.suse.com/security/cve/CVE-2021-38006", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38006", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38006", }, { cve: "CVE-2021-38007", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38007", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38007", url: "https://www.suse.com/security/cve/CVE-2021-38007", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38007", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38007", }, { cve: "CVE-2021-38008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38008", }, ], notes: [ { category: "general", text: "Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38008", url: "https://www.suse.com/security/cve/CVE-2021-38008", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38008", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38008", }, { cve: "CVE-2021-38009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38009", }, ], notes: [ { category: "general", text: "Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38009", url: "https://www.suse.com/security/cve/CVE-2021-38009", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38009", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38009", }, { cve: "CVE-2021-38010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38010", }, ], notes: [ { category: "general", text: "Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38010", url: "https://www.suse.com/security/cve/CVE-2021-38010", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38010", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38010", }, { cve: "CVE-2021-38011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38011", }, ], notes: [ { category: "general", text: "Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38011", url: "https://www.suse.com/security/cve/CVE-2021-38011", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38011", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38011", }, { cve: "CVE-2021-38012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38012", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38012", url: "https://www.suse.com/security/cve/CVE-2021-38012", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38012", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38012", }, { cve: "CVE-2021-38013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38013", }, ], notes: [ { category: "general", text: "Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38013", url: "https://www.suse.com/security/cve/CVE-2021-38013", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38013", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38013", }, { cve: "CVE-2021-38014", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38014", }, ], notes: [ { category: "general", text: "Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38014", url: "https://www.suse.com/security/cve/CVE-2021-38014", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38014", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38014", }, { cve: "CVE-2021-38015", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38015", }, ], notes: [ { category: "general", text: "Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38015", url: "https://www.suse.com/security/cve/CVE-2021-38015", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38015", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38015", }, { cve: "CVE-2021-38016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38016", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38016", url: "https://www.suse.com/security/cve/CVE-2021-38016", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38016", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38016", }, { cve: "CVE-2021-38017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38017", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38017", url: "https://www.suse.com/security/cve/CVE-2021-38017", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38017", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38017", }, { cve: "CVE-2021-38019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38019", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38019", url: "https://www.suse.com/security/cve/CVE-2021-38019", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38019", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38019", }, { cve: "CVE-2021-38020", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38020", }, ], notes: [ { category: "general", text: "Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38020", url: "https://www.suse.com/security/cve/CVE-2021-38020", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38020", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38020", }, { cve: "CVE-2021-38021", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38021", }, ], notes: [ { category: "general", text: "Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38021", url: "https://www.suse.com/security/cve/CVE-2021-38021", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38021", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38021", }, { cve: "CVE-2021-38022", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38022", }, ], notes: [ { category: "general", text: "Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38022", url: "https://www.suse.com/security/cve/CVE-2021-38022", }, { category: "external", summary: "SUSE Bug 1192734 for CVE-2021-38022", url: "https://bugzilla.suse.com/1192734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2021-38022", }, { cve: "CVE-2021-4052", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4052", }, ], notes: [ { category: "general", text: "Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4052", url: "https://www.suse.com/security/cve/CVE-2021-4052", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4052", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4052", }, { cve: "CVE-2021-4053", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4053", }, ], notes: [ { category: "general", text: "Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4053", url: "https://www.suse.com/security/cve/CVE-2021-4053", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4053", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4053", }, { cve: "CVE-2021-4054", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4054", }, ], notes: [ { category: "general", text: "Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4054", url: "https://www.suse.com/security/cve/CVE-2021-4054", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4054", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4054", }, { cve: "CVE-2021-4055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4055", }, ], notes: [ { category: "general", text: "Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4055", url: "https://www.suse.com/security/cve/CVE-2021-4055", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4055", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4055", }, { cve: "CVE-2021-4056", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4056", }, ], notes: [ { category: "general", text: "Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4056", url: "https://www.suse.com/security/cve/CVE-2021-4056", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4056", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4056", }, { cve: "CVE-2021-4057", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4057", }, ], notes: [ { category: "general", text: "Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4057", url: "https://www.suse.com/security/cve/CVE-2021-4057", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4057", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4057", }, { cve: "CVE-2021-4058", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4058", }, ], notes: [ { category: "general", text: "Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4058", url: "https://www.suse.com/security/cve/CVE-2021-4058", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4058", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4058", }, { cve: "CVE-2021-4059", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4059", }, ], notes: [ { category: "general", text: "Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4059", url: "https://www.suse.com/security/cve/CVE-2021-4059", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4059", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4059", }, { cve: "CVE-2021-4061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4061", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4061", url: "https://www.suse.com/security/cve/CVE-2021-4061", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4061", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4061", }, { cve: "CVE-2021-4062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4062", }, ], notes: [ { category: "general", text: "Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4062", url: "https://www.suse.com/security/cve/CVE-2021-4062", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4062", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4062", }, { cve: "CVE-2021-4063", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4063", }, ], notes: [ { category: "general", text: "Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4063", url: "https://www.suse.com/security/cve/CVE-2021-4063", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4063", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4063", }, { cve: "CVE-2021-4064", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4064", }, ], notes: [ { category: "general", text: "Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4064", url: "https://www.suse.com/security/cve/CVE-2021-4064", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4064", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4064", }, { cve: "CVE-2021-4065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4065", }, ], notes: [ { category: "general", text: "Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4065", url: "https://www.suse.com/security/cve/CVE-2021-4065", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4065", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4065", }, { cve: "CVE-2021-4066", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4066", }, ], notes: [ { category: "general", text: "Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4066", url: "https://www.suse.com/security/cve/CVE-2021-4066", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4066", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4066", }, { cve: "CVE-2021-4067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4067", }, ], notes: [ { category: "general", text: "Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4067", url: "https://www.suse.com/security/cve/CVE-2021-4067", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4067", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4067", }, { cve: "CVE-2021-4068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4068", }, ], notes: [ { category: "general", text: "Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4068", url: "https://www.suse.com/security/cve/CVE-2021-4068", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4068", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4068", }, { cve: "CVE-2021-4078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4078", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4078", url: "https://www.suse.com/security/cve/CVE-2021-4078", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4078", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4078", }, { cve: "CVE-2021-4079", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4079", }, ], notes: [ { category: "general", text: "Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4079", url: "https://www.suse.com/security/cve/CVE-2021-4079", }, { category: "external", summary: "SUSE Bug 1193519 for CVE-2021-4079", url: "https://bugzilla.suse.com/1193519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4079", }, { cve: "CVE-2021-4098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4098", }, ], notes: [ { category: "general", text: "Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4098", url: "https://www.suse.com/security/cve/CVE-2021-4098", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4098", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4098", }, { cve: "CVE-2021-4099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4099", }, ], notes: [ { category: "general", text: "Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4099", url: "https://www.suse.com/security/cve/CVE-2021-4099", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4099", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4099", }, { cve: "CVE-2021-4100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4100", }, ], notes: [ { category: "general", text: "Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4100", url: "https://www.suse.com/security/cve/CVE-2021-4100", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4100", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4100", }, { cve: "CVE-2021-4101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4101", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4101", url: "https://www.suse.com/security/cve/CVE-2021-4101", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4101", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4101", }, { cve: "CVE-2021-4102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4102", }, ], notes: [ { category: "general", text: "Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4102", url: "https://www.suse.com/security/cve/CVE-2021-4102", }, { category: "external", summary: "SUSE Bug 1193713 for CVE-2021-4102", url: "https://bugzilla.suse.com/1193713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "important", }, ], title: "CVE-2021-4102", }, { cve: "CVE-2022-0096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0096", }, ], notes: [ { category: "general", text: "Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0096", url: "https://www.suse.com/security/cve/CVE-2022-0096", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0096", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0096", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0096", }, { cve: "CVE-2022-0097", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0097", }, ], notes: [ { category: "general", text: "Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0097", url: "https://www.suse.com/security/cve/CVE-2022-0097", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0097", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0097", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0097", }, { cve: "CVE-2022-0098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0098", }, ], notes: [ { category: "general", text: "Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0098", url: "https://www.suse.com/security/cve/CVE-2022-0098", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0098", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0098", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0098", }, { cve: "CVE-2022-0099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0099", }, ], notes: [ { category: "general", text: "Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0099", url: "https://www.suse.com/security/cve/CVE-2022-0099", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0099", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0099", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0099", }, { cve: "CVE-2022-0100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0100", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0100", url: "https://www.suse.com/security/cve/CVE-2022-0100", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0100", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0100", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0100", }, { cve: "CVE-2022-0101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0101", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0101", url: "https://www.suse.com/security/cve/CVE-2022-0101", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0101", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0101", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0101", }, { cve: "CVE-2022-0102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0102", }, ], notes: [ { category: "general", text: "Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0102", url: "https://www.suse.com/security/cve/CVE-2022-0102", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0102", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0102", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0102", }, { cve: "CVE-2022-0103", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0103", }, ], notes: [ { category: "general", text: "Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0103", url: "https://www.suse.com/security/cve/CVE-2022-0103", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0103", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0103", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0103", }, { cve: "CVE-2022-0104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0104", }, ], notes: [ { category: "general", text: "Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0104", url: "https://www.suse.com/security/cve/CVE-2022-0104", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0104", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0104", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0104", }, { cve: "CVE-2022-0105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0105", }, ], notes: [ { category: "general", text: "Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0105", url: "https://www.suse.com/security/cve/CVE-2022-0105", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0105", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0105", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0105", }, { cve: "CVE-2022-0106", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0106", }, ], notes: [ { category: "general", text: "Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0106", url: "https://www.suse.com/security/cve/CVE-2022-0106", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0106", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0106", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0106", }, { cve: "CVE-2022-0107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0107", }, ], notes: [ { category: "general", text: "Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0107", url: "https://www.suse.com/security/cve/CVE-2022-0107", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0107", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0107", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0107", }, { cve: "CVE-2022-0108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0108", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0108", url: "https://www.suse.com/security/cve/CVE-2022-0108", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0108", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1210731 for CVE-2022-0108", url: "https://bugzilla.suse.com/1210731", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0108", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0108", }, { cve: "CVE-2022-0109", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0109", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0109", url: "https://www.suse.com/security/cve/CVE-2022-0109", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0109", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0109", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0109", }, { cve: "CVE-2022-0110", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0110", }, ], notes: [ { category: "general", text: "Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0110", url: "https://www.suse.com/security/cve/CVE-2022-0110", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0110", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0110", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0110", }, { cve: "CVE-2022-0111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0111", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0111", url: "https://www.suse.com/security/cve/CVE-2022-0111", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0111", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0111", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0111", }, { cve: "CVE-2022-0112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0112", }, ], notes: [ { category: "general", text: "Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0112", url: "https://www.suse.com/security/cve/CVE-2022-0112", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0112", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0112", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0112", }, { cve: "CVE-2022-0113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0113", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0113", url: "https://www.suse.com/security/cve/CVE-2022-0113", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0113", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0113", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0113", }, { cve: "CVE-2022-0114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0114", }, ], notes: [ { category: "general", text: "Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0114", url: "https://www.suse.com/security/cve/CVE-2022-0114", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0114", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0114", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0114", }, { cve: "CVE-2022-0115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0115", }, ], notes: [ { category: "general", text: "Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0115", url: "https://www.suse.com/security/cve/CVE-2022-0115", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0115", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0115", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0115", }, { cve: "CVE-2022-0116", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0116", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0116", url: "https://www.suse.com/security/cve/CVE-2022-0116", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0116", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0116", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0116", }, { cve: "CVE-2022-0117", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0117", }, ], notes: [ { category: "general", text: "Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0117", url: "https://www.suse.com/security/cve/CVE-2022-0117", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0117", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0117", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0117", }, { cve: "CVE-2022-0118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0118", }, ], notes: [ { category: "general", text: "Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0118", url: "https://www.suse.com/security/cve/CVE-2022-0118", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0118", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0118", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0118", }, { cve: "CVE-2022-0120", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0120", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0120", url: "https://www.suse.com/security/cve/CVE-2022-0120", }, { category: "external", summary: "SUSE Bug 1194331 for CVE-2022-0120", url: "https://bugzilla.suse.com/1194331", }, { category: "external", summary: "SUSE Bug 1213802 for CVE-2022-0120", url: "https://bugzilla.suse.com/1213802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0120", }, { cve: "CVE-2022-0289", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0289", }, ], notes: [ { category: "general", text: "Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0289", url: "https://www.suse.com/security/cve/CVE-2022-0289", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0289", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0289", }, { cve: "CVE-2022-0290", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0290", }, ], notes: [ { category: "general", text: "Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0290", url: "https://www.suse.com/security/cve/CVE-2022-0290", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0290", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0290", }, { cve: "CVE-2022-0291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0291", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0291", url: "https://www.suse.com/security/cve/CVE-2022-0291", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0291", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0291", }, { cve: "CVE-2022-0292", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0292", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0292", url: "https://www.suse.com/security/cve/CVE-2022-0292", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0292", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0292", }, { cve: "CVE-2022-0293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0293", }, ], notes: [ { category: "general", text: "Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0293", url: "https://www.suse.com/security/cve/CVE-2022-0293", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0293", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0293", }, { cve: "CVE-2022-0294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0294", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0294", url: "https://www.suse.com/security/cve/CVE-2022-0294", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0294", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0294", }, { cve: "CVE-2022-0295", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0295", }, ], notes: [ { category: "general", text: "Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0295", url: "https://www.suse.com/security/cve/CVE-2022-0295", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0295", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0295", }, { cve: "CVE-2022-0296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0296", }, ], notes: [ { category: "general", text: "Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0296", url: "https://www.suse.com/security/cve/CVE-2022-0296", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0296", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0296", }, { cve: "CVE-2022-0297", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0297", }, ], notes: [ { category: "general", text: "Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0297", url: "https://www.suse.com/security/cve/CVE-2022-0297", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0297", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0297", }, { cve: "CVE-2022-0298", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0298", }, ], notes: [ { category: "general", text: "Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0298", url: "https://www.suse.com/security/cve/CVE-2022-0298", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0298", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0298", }, { cve: "CVE-2022-0300", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0300", }, ], notes: [ { category: "general", text: "Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0300", url: "https://www.suse.com/security/cve/CVE-2022-0300", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0300", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0300", }, { cve: "CVE-2022-0301", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0301", }, ], notes: [ { category: "general", text: "Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0301", url: "https://www.suse.com/security/cve/CVE-2022-0301", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0301", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0301", }, { cve: "CVE-2022-0302", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0302", }, ], notes: [ { category: "general", text: "Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0302", url: "https://www.suse.com/security/cve/CVE-2022-0302", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0302", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0302", }, { cve: "CVE-2022-0304", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0304", }, ], notes: [ { category: "general", text: "Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0304", url: "https://www.suse.com/security/cve/CVE-2022-0304", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0304", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0304", }, { cve: "CVE-2022-0305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0305", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0305", url: "https://www.suse.com/security/cve/CVE-2022-0305", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0305", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0305", }, { cve: "CVE-2022-0306", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0306", }, ], notes: [ { category: "general", text: "Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0306", url: "https://www.suse.com/security/cve/CVE-2022-0306", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0306", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0306", }, { cve: "CVE-2022-0307", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0307", }, ], notes: [ { category: "general", text: "Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0307", url: "https://www.suse.com/security/cve/CVE-2022-0307", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0307", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0307", }, { cve: "CVE-2022-0308", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0308", }, ], notes: [ { category: "general", text: "Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0308", url: "https://www.suse.com/security/cve/CVE-2022-0308", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0308", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0308", }, { cve: "CVE-2022-0309", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0309", }, ], notes: [ { category: "general", text: "Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0309", url: "https://www.suse.com/security/cve/CVE-2022-0309", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0309", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0309", }, { cve: "CVE-2022-0310", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0310", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0310", url: "https://www.suse.com/security/cve/CVE-2022-0310", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0310", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0310", }, { cve: "CVE-2022-0311", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0311", }, ], notes: [ { category: "general", text: "Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0311", url: "https://www.suse.com/security/cve/CVE-2022-0311", }, { category: "external", summary: "SUSE Bug 1194919 for CVE-2022-0311", url: "https://bugzilla.suse.com/1194919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.3 NonFree:opera-83.0.4254.27-lp153.2.33.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-02-20T17:01:21Z", details: "critical", }, ], title: "CVE-2022-0311", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.