CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
74.7%
Severity: Critical
Date : 2021-02-06
CVE-ID : CVE-2020-16044 CVE-2021-21117 CVE-2021-21118 CVE-2021-21119
CVE-2021-21120 CVE-2021-21121 CVE-2021-21122 CVE-2021-21123
CVE-2021-21124 CVE-2021-21125 CVE-2021-21126 CVE-2021-21127
CVE-2021-21128 CVE-2021-21129 CVE-2021-21130 CVE-2021-21131
CVE-2021-21132 CVE-2021-21133 CVE-2021-21134 CVE-2021-21135
CVE-2021-21136 CVE-2021-21137 CVE-2021-21138 CVE-2021-21139
CVE-2021-21140 CVE-2021-21141
Package : opera
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1479
The package opera before version 74.0.3911.75-1 is vulnerable to
multiple issues including arbitrary code execution, insufficient
validation, content spoofing and incorrect calculation.
Upgrade to 74.0.3911.75-1.
The problems have been fixed upstream in version 74.0.3911.75.
None.
A security issue was found in Firefox before 84.0.2, Thunderbird before
78.6.1 and Chromium before 88.0.4324.96. A malicious peer could have
modified a COOKIE-ECHO chunk in an SCTP packet in a way that
potentially resulted in a use-after-free. Mozilla presumes that with
enough effort it could have been exploited to run arbitrary code.
An insufficient policy enforcement security issue was found in the
Cryptohome component of the Chromium browser before version
88.0.4324.96.
An insufficient data validation security issue was found in the V8
component of the Chromium browser before version 88.0.4324.96.
A use after free security issue was found in the Media component of the
Chromium browser before version 88.0.4324.96.
A use after free security issue was found in the WebSQL component of
the Chromium browser before version 88.0.4324.96.
A use after free security issue was found in the Omnibox component of
the Chromium browser before version 88.0.4324.96.
A use after free security issue was found in the Blink component of the
Chromium browser before version 88.0.4324.96.
An insufficient data validation security issue was found in the File
System component of the Chromium browser before version 88.0.4324.96.
A potential use after free security issue was found in the Speech
Recognizer component of the Chromium browser before version
88.0.4324.96.
An insufficient policy enforcement security issue was found in the File
System API component of the Chromium browser before version
88.0.4324.96.
An insufficient policy enforcement security issue was found in the
extensions component of the Chromium browser before version
88.0.4324.96.
An insufficient policy enforcement security issue was found in the
extensions component of the Chromium browser before version
88.0.4324.96.
A heap buffer overflow security issue was found in the Blink component
of the Chromium browser before version 88.0.4324.96.
An insufficient policy enforcement security issue was found in the File
System API component of the Chromium browser before version
88.0.4324.96.
An insufficient policy enforcement security issue was found in the File
System API component of the Chromium browser before version
88.0.4324.96.
An insufficient policy enforcement security issue was found in the File
System API component of the Chromium browser before version
88.0.4324.96.
An inappropriate implementation security issue was found in the
DevTools component of the Chromium browser before version 88.0.4324.96.
An insufficient policy enforcement security issue was found in the
Downloads component of the Chromium browser before version
88.0.4324.96.
An incorrect security UI security issue was found in the Page Info
component of the Chromium browser before version 88.0.4324.96.
An inappropriate implementation security issue was found in the
Performance API component of the Chromium browser before version
88.0.4324.96.
An insufficient policy enforcement security issue was found in the
WebView component of the Chromium browser before version 88.0.4324.96.
An inappropriate implementation security issue was found in the
DevTools component of the Chromium browser before version 88.0.4324.96.
A use after free security issue was found in the DevTools component of
the Chromium browser before version 88.0.4324.96.
An inappropriate implementation security issue was found in the iframe
sandbox component of the Chromium browser before version 88.0.4324.96.
An uninitialized use security issue was found in the USB component of
the Chromium browser before version 88.0.4324.96.
An insufficient policy enforcement security issue was found in the File
System API component of the Chromium browser before version
88.0.4324.96.
A remote attacker might be able to bypass security measures, trick the
user into performing unwanted actions or execute arbitrary code.
https://blogs.opera.com/desktop/2021/02/opera-74-stable/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/#CVE-2020-16044
https://bugzilla.mozilla.org/show_bug.cgi?id=1683964
https://hg.mozilla.org/mozilla-central/rev/08ba03dc8d4420e04e7c77fee3013e68180e6ead
https://hg.mozilla.org/mozilla-central/rev/8c09f4813fc7e8f44605b6092262199bff15cdd7
https://hg.mozilla.org/mozilla-central/rev/5991645a87d2abf289686d09d943229c9e3e54b5
https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html
https://crbug.com/1137179
https://crbug.com/1161357
https://crbug.com/1160534
https://crbug.com/1160602
https://crbug.com/1161143
https://crbug.com/1162131
https://crbug.com/1137247
https://crbug.com/1131346
https://crbug.com/1152327
https://crbug.com/1108126
https://crbug.com/1115590
https://crbug.com/1138877
https://crbug.com/1140403
https://crbug.com/1140410
https://crbug.com/1140417
https://crbug.com/1128206
https://crbug.com/1157743
https://crbug.com/1157800
https://crbug.com/1157818
https://crbug.com/1038002
https://crbug.com/1093791
https://crbug.com/1122487
https://crbug.com/937131
https://crbug.com/1136327
https://crbug.com/1140435
https://security.archlinux.org/CVE-2020-16044
https://security.archlinux.org/CVE-2021-21117
https://security.archlinux.org/CVE-2021-21118
https://security.archlinux.org/CVE-2021-21119
https://security.archlinux.org/CVE-2021-21120
https://security.archlinux.org/CVE-2021-21121
https://security.archlinux.org/CVE-2021-21122
https://security.archlinux.org/CVE-2021-21123
https://security.archlinux.org/CVE-2021-21124
https://security.archlinux.org/CVE-2021-21125
https://security.archlinux.org/CVE-2021-21126
https://security.archlinux.org/CVE-2021-21127
https://security.archlinux.org/CVE-2021-21128
https://security.archlinux.org/CVE-2021-21129
https://security.archlinux.org/CVE-2021-21130
https://security.archlinux.org/CVE-2021-21131
https://security.archlinux.org/CVE-2021-21132
https://security.archlinux.org/CVE-2021-21133
https://security.archlinux.org/CVE-2021-21134
https://security.archlinux.org/CVE-2021-21135
https://security.archlinux.org/CVE-2021-21136
https://security.archlinux.org/CVE-2021-21137
https://security.archlinux.org/CVE-2021-21138
https://security.archlinux.org/CVE-2021-21139
https://security.archlinux.org/CVE-2021-21140
https://security.archlinux.org/CVE-2021-21141
blogs.opera.com/desktop/2021/02/opera-74-stable/
bugzilla.mozilla.org/show_bug.cgi?id=1683964
chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html
crbug.com/1038002
crbug.com/1093791
crbug.com/1108126
crbug.com/1115590
crbug.com/1122487
crbug.com/1128206
crbug.com/1131346
crbug.com/1136327
crbug.com/1137179
crbug.com/1137247
crbug.com/1138877
crbug.com/1140403
crbug.com/1140410
crbug.com/1140417
crbug.com/1140435
crbug.com/1152327
crbug.com/1157743
crbug.com/1157800
crbug.com/1157818
crbug.com/1160534
crbug.com/1160602
crbug.com/1161143
crbug.com/1161357
crbug.com/1162131
crbug.com/937131
hg.mozilla.org/mozilla-central/rev/08ba03dc8d4420e04e7c77fee3013e68180e6ead
hg.mozilla.org/mozilla-central/rev/5991645a87d2abf289686d09d943229c9e3e54b5
hg.mozilla.org/mozilla-central/rev/8c09f4813fc7e8f44605b6092262199bff15cdd7
security.archlinux.org/AVG-1479
security.archlinux.org/CVE-2020-16044
security.archlinux.org/CVE-2021-21117
security.archlinux.org/CVE-2021-21118
security.archlinux.org/CVE-2021-21119
security.archlinux.org/CVE-2021-21120
security.archlinux.org/CVE-2021-21121
security.archlinux.org/CVE-2021-21122
security.archlinux.org/CVE-2021-21123
security.archlinux.org/CVE-2021-21124
security.archlinux.org/CVE-2021-21125
security.archlinux.org/CVE-2021-21126
security.archlinux.org/CVE-2021-21127
security.archlinux.org/CVE-2021-21128
security.archlinux.org/CVE-2021-21129
security.archlinux.org/CVE-2021-21130
security.archlinux.org/CVE-2021-21131
security.archlinux.org/CVE-2021-21132
security.archlinux.org/CVE-2021-21133
security.archlinux.org/CVE-2021-21134
security.archlinux.org/CVE-2021-21135
security.archlinux.org/CVE-2021-21136
security.archlinux.org/CVE-2021-21137
security.archlinux.org/CVE-2021-21138
security.archlinux.org/CVE-2021-21139
security.archlinux.org/CVE-2021-21140
security.archlinux.org/CVE-2021-21141
www.mozilla.org/en-US/security/advisories/mfsa2021-01/#CVE-2020-16044
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
74.7%