8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.039 Low
EPSS
Percentile
91.9%
Severity: High
Date : 2021-07-21
CVE-ID : CVE-2021-30541 CVE-2021-30559 CVE-2021-30560 CVE-2021-30561
CVE-2021-30562 CVE-2021-30563 CVE-2021-30564
Package : opera
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-2168
The package opera before version 77.0.4054.277-1 is vulnerable to
arbitrary code execution.
Upgrade to 77.0.4054.277-1.
The problems have been fixed upstream in version 77.0.4054.277.
None.
A use after free security issue has been found in the V8 component of
the Chromium browser engine before version 91.0.4472.164.
An out of bounds write security issue has been found in the ANGLE
component of the Chromium browser engine before version 91.0.4472.164.
A use after free security issue has been found in the Blink XSLT
component of the Chromium browser engine before version 91.0.4472.164.
A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 91.0.4472.164.
A use after free security issue has been found in the WebSerial
component of the Chromium browser engine before version 91.0.4472.164.
A type confusion security issue has been found in the V8 component of
the Chromium browser engine before version 91.0.4472.164. Google is
aware of reports that an exploit for CVE-2021-30563 exists in the wild.
A heap buffer overflow security issue has been found in the WebXR
component of the Chromium browser engine before version 91.0.4472.164.
A remote attacker could execute arbitrary code through a crafted web
page. Google is aware that an exploit for one of the security issues
exists in the wild.
https://blogs.opera.com/desktop/changelog-for-77/
https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html
https://crbug.com/1214842
https://crbug.com/1219082
https://crbug.com/1219209
https://crbug.com/1219630
https://crbug.com/1220078
https://crbug.com/1228407
https://crbug.com/1221309
https://security.archlinux.org/CVE-2021-30541
https://security.archlinux.org/CVE-2021-30559
https://security.archlinux.org/CVE-2021-30560
https://security.archlinux.org/CVE-2021-30561
https://security.archlinux.org/CVE-2021-30562
https://security.archlinux.org/CVE-2021-30563
https://security.archlinux.org/CVE-2021-30564
blogs.opera.com/desktop/changelog-for-77/
chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html
crbug.com/1214842
crbug.com/1219082
crbug.com/1219209
crbug.com/1219630
crbug.com/1220078
crbug.com/1221309
crbug.com/1228407
security.archlinux.org/AVG-2168
security.archlinux.org/CVE-2021-30541
security.archlinux.org/CVE-2021-30559
security.archlinux.org/CVE-2021-30560
security.archlinux.org/CVE-2021-30561
security.archlinux.org/CVE-2021-30562
security.archlinux.org/CVE-2021-30563
security.archlinux.org/CVE-2021-30564
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.039 Low
EPSS
Percentile
91.9%