CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
84.2%
Severity: High
Date : 2021-01-12
CVE-ID : CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107
CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111
CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115
CVE-2021-21116
Package : vivaldi
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1424
The package vivaldi before version 3.5.2115.87-1 is vulnerable to
multiple issues including access restriction bypass, arbitrary code
execution and insufficient validation.
Upgrade to 3.5.2115.87-1.
The problems have been fixed upstream in version 3.5.2115.87.
None.
An out of bounds write security issue has been found in the V8
component of the Chromium browser before version 87.0.4280.141.
An insufficient data validation security issue has been found in the
networking component of the Chromium browser before version
87.0.4280.141.
A use after free security issue has been found in the autofill
component of the Chromium browser before version 87.0.4280.141.
A use after free security issue has been found in the drag and drop
component of the Chromium browser before version 87.0.4280.141.
A use after free security issue has been found in the media component
of the Chromium browser before version 87.0.4280.141.
A use after free security issue has been found in the payments
component of the Chromium browser before version 87.0.4280.141.
A use after free security issue has been found in the safe browsing
component of the Chromium browser before version 87.0.4280.141.
An insufficient policy enforcement security issue has been found in the
WebUI component of the Chromium browser before version 87.0.4280.141.
A use after free security issue has been found in the Blink component
of the Chromium browser before version 87.0.4280.141.
A heap buffer overflow security issue has been found in the Skia
component of the Chromium browser before version 87.0.4280.141.
A use after free security issue has been found in the audio component
of the Chromium browser before version 87.0.4280.141.
A use after free security issue has been found in the safe browsing
component of the Chromium browser before version 87.0.4280.141.
A heap buffer overflow security issue has been found in the audio
component of the Chromium browser before version 87.0.4280.141.
A remote attacker might be able to bypass security restrictions and
execute arbitrary code.
https://vivaldi.com/blog/desktop/minor-update-for-vivaldi-desktop-browser-3-5/
https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html
https://crbug.com/1157790
https://crbug.com/1148309
https://crbug.com/1148749
https://crbug.com/1153595
https://crbug.com/1155426
https://crbug.com/1152334
https://crbug.com/1152451
https://crbug.com/1149125
https://crbug.com/1151298
https://crbug.com/1155178
https://crbug.com/1150065
https://crbug.com/1157814
https://crbug.com/1151069
https://security.archlinux.org/CVE-2020-15995
https://security.archlinux.org/CVE-2020-16043
https://security.archlinux.org/CVE-2021-21106
https://security.archlinux.org/CVE-2021-21107
https://security.archlinux.org/CVE-2021-21108
https://security.archlinux.org/CVE-2021-21109
https://security.archlinux.org/CVE-2021-21110
https://security.archlinux.org/CVE-2021-21111
https://security.archlinux.org/CVE-2021-21112
https://security.archlinux.org/CVE-2021-21113
https://security.archlinux.org/CVE-2021-21114
https://security.archlinux.org/CVE-2021-21115
https://security.archlinux.org/CVE-2021-21116
chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html
crbug.com/1148309
crbug.com/1148749
crbug.com/1149125
crbug.com/1150065
crbug.com/1151069
crbug.com/1151298
crbug.com/1152334
crbug.com/1152451
crbug.com/1153595
crbug.com/1155178
crbug.com/1155426
crbug.com/1157790
crbug.com/1157814
security.archlinux.org/AVG-1424
security.archlinux.org/CVE-2020-15995
security.archlinux.org/CVE-2020-16043
security.archlinux.org/CVE-2021-21106
security.archlinux.org/CVE-2021-21107
security.archlinux.org/CVE-2021-21108
security.archlinux.org/CVE-2021-21109
security.archlinux.org/CVE-2021-21110
security.archlinux.org/CVE-2021-21111
security.archlinux.org/CVE-2021-21112
security.archlinux.org/CVE-2021-21113
security.archlinux.org/CVE-2021-21114
security.archlinux.org/CVE-2021-21115
security.archlinux.org/CVE-2021-21116
vivaldi.com/blog/desktop/minor-update-for-vivaldi-desktop-browser-3-5/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
84.2%