opensuse-su-2023:0251-1
Vulnerability from csaf_opensuse
Published
2023-09-23 12:02
Modified
2023-09-23 12:02
Summary
Security update for opera
Notes
Title of the patch
Security update for opera
Description of the patch
This update for opera fixes the following issues:
- Update to 102.0.4880.40
* DNA-111203 Prepare translations for home button in settings
- Changes in 102.0.4880.38
* DNA-110720 [Sidebar] Sidebar app increase size every time
it's reopened
* DNA-110723 Music logo in light mode of 'Select service'
unreadable on hover
* DNA-110821 Run-if-alive callback missing in WMFDecoderImpl
* DNA-110835 Search/copy popup issues
* DNA-111038 Disable profile migration
* DNA-111263 Tab island animation incorrect when tabstrip full
- Update to 102.0.4880.33
* CHR-9411 Update Chromium on desktop-stable-116-4880 to
116.0.5845.141
* DNA-110172 [BUG] Images inside popup does not get rounded
corner
* DNA-110828 Update chess.com build
* DNA-110834 Crash at opera::component_based::
TabAnimationController::StartAnimatedLayout(opera::
component_based::TabAnimationController::AnimationInfo,
base::OnceCallback)
* DNA-111144 Enable a new version of the extension.
- The update to chromium 116.0.5845.141 fixes following issues:
CVE-2023-4572
- Update to 102.0.4880.29
* DNA-109498 Splash screen is shown on every restart of
the browser
* DNA-109698 Test Amazon Music support
* DNA-109840 Amazon music logo is very small and unreadable
* DNA-109841 Amazon music logo in player mode is too wide
* DNA-109842 [opauto] Add tests for Amazon Music in Player
* DNA-109937 Crash at opera::ComponentTabStripController::
SetGroupCollapsed(tab_groups::TabGroupId const&, bool)
* DNA-110107 Clicking roblox link on page closes the tab
* DNA-110110 [Tab strip][Tab island] Middle/right mouse click
on top of the screen have no/wrong efect
* DNA-110125 [Win/Lin] New design for default scrollbars on
web page
* DNA-110130 Capture mouse events on the 1-pixel edge to the
right of the web view
* DNA-110586 Shadow is clipped if first tab is selected
* DNA-110637 Revert removal of start page button
* DNA-110684 Add bookmarks permissions
* DNA-110702 [Scrollable] Pin group is not aligned with
address bar
* DNA-110737 [OMenu] Menu button looks weird
* DNA-110788 No 1-pixel edge in full screen mode
* DNA-110828 Update chess.com build
* DNA-110842 [Tab strip] Make ‘+’ button round(er) again
* DNA-110874 Bring back Home button
* DNA-110876 Search box on Start page without transparency
* DNA-110878 Turn on Amazon Music on developer
* DNA-110905 Amazon Music for all given locales
* DNA-110961 [WinLin] Remove 1-pixel edge in full screen mode
* DNA-111038 Disable profile migration
* DNA-111079 Improve user-profile migration
* DNA-111092 Disable profile migration flag for
desktop-stable-116-4880
- Update to 102.0.4880.16
* CHR-9396 Update Chromium on desktop-stable-116-4880 to
116.0.5845.97
* DNA-110040 Crash at crash_reporter::(anonymous namespace)::
AbslAbortHook(char const*, int, char const*, char const*,
char const*)
* DNA-110315 O-menu opening after pressing alt on site which
have action for Alt press
* DNA-110440 [Tab strip] Tab favicon not cropped when it does
not fit in tab size
* DNA-110469 Move Shopping corner and Loomi to
'Special Features' section
* DNA-110510 [Tab strip] Mute icon displayed over tab title
* DNA-110526 If group is first the tab bar is not aligned
with address bar
* DNA-110828 Update chess.com build
* DNA-110836 Promote 102 to stable
* DNA-110892 Translations for O102
* DNA-110962 Fix ab_tests.json preferences override not working
- The update to chromium 116.0.5845.97 fixes following issues:
CVE-2023-2312, CVE-2023-4349, CVE-2023-4350, CVE-2023-4351,
CVE-2023-4352, CVE-2023-4353, CVE-2023-4354, CVE-2023-4355,
CVE-2023-4356, CVE-2023-4357, CVE-2023-4358, CVE-2023-4359,
CVE-2023-4360, CVE-2023-4361, CVE-2023-4362, CVE-2023-4362,
CVE-2023-4363, CVE-2023-4364, CVE-2023-4365, CVE-2023-4366,
CVE-2023-4367, CVE-2023-4368
- Complete Opera 102 changelog at:
https://blogs.opera.com/desktop/changelog-for-102/
- Update to 101.0.4843.43
* CHR-9381 Update Chromium on desktop-stable-115-4843 to
115.0.5790.171
* DNA-108919 Tab Island 'Move To Island' highlight color is the
same as island color
* DNA-109202 Often extension popup is not displayed
* DNA-109454 Wallpaper customization with remote resource
* DNA-109679 Fix typo in flags schema
* DNA-109927 Add tooltips for visual or incomplete items in
context menu
* DNA-110225 Replace Twitter logo in Sidebar with the new one X
* DNA-110244 Translations for O101
* DNA-110276 Fix race condition in DeferredInstalledWallpapers
* DNA-110400 teaser_event_impression counted when user closes
baner
- The update to chromium 115.0.5790.171 fixes following issues:
CVE-2023-4068, CVE-2023-4069, CVE-2023-4070, CVE-2023-4071,
CVE-2023-4072, CVE-2023-4073, CVE-2023-4074, CVE-2023-4075,
CVE-2023-4076, CVE-2023-4077, CVE-2023-4078
- Update to 101.0.4843.23
* DNA-109400 Enable #adblocker-anticv on developer stream
* DNA-109423 Add histograms to help track
#platform-h264-decoder-in-gpu quality
* DNA-109861 Crash on expading folder on bookmark bar containing
unnamed subfolder
* DNA-109872 WMFAudioDecoder reports spurious dry run if
initialized during pipeline shutdown
* DNA-109908 Crash at opera::(anonymous namespace)::
AddNewTabToWorkspaceIfCurrent(Browser*, opera::WorkspaceId)
(.llvm.13400399341940007321)
* DNA-110005 Duplicated tabs indicator is not shown on tab bar
* DNA-110062 [Linux] QT6 dependency issue with .rpm package
* DNA-110210 Enable #adblocker-anticv on all streams
* DNA-110244 Translations for O101
- Update to 101.0.4843.25
* CHR-9357 Update Chromium on desktop-stable-115-4843 to
115.0.5790.90
* CHR-9362 Update Chromium on desktop-stable-115-4843 to
115.0.5790.102
* DNA-104841 Create a smooth corner background
* DNA-108012 [Opera One] Misaligned inner bookmarks menu
in Opera Menu
* DNA-109129 Crash at opera::component_based::
OperaOneIntroductionAnimationController::AnimateHideVisibility()
* DNA-109209 Dragged island falls under island its being
dragged over
* DNA-109266 Crash at content::WebContentsImpl::
SetDelegate(content::WebContentsDelegate*)
* DNA-109310 Broken session files are not automatically
recovered
* DNA-109448 [AdBlock] Images from ads are missing with AA
enabled
* DNA-109587 'Show bookmarks bar' checkbox on bookmarks
feature(Dark Mode)
* DNA-109674 Closing the tabs in the workspace in the other
window will close Opera
* DNA-109694 Smooth corners on active tab
* DNA-109774 Log when trying to switch workspace while
closing browser
* DNA-110005 Duplicated tabs indicator is not shown on tab bar
* DNA-110244 Translations for O101
- Complete Opera 101 changelog at:
https://blogs.opera.com/desktop/changelog-for-101/
- Update to 100.0.4815.76
* DNA-109129 Crash at opera::component_based::Opera
OneIntroductionAnimationController::AnimateHideVisibility()
* DNA-109233 Crash at crash_reporter::(anonymous namespace)::
AbslAbortHook(char const*, int, char const*, char const*,
char const*)
* DNA-109673 Session stat event teaser_tile_click is not sent
* DNA-109897 Session is lost when new session file is created
- Changes in 100.0.4815.54
* DNA-109148 Allow AI extension to change permissions during
update
* DNA-109172 WMFAudioDecoder fails with
#platform-aac-decoder-in-gpu enabled
* DNA-109633 Do not send TabStripEmpty multiple times
* DNA-109674 Closing the tabs in the workspace in the other
window will close Opera
* DNA-109774 Log when trying to switch workspace while
closing browser
- Changes in 100.0.4815.47
* DNA-108456 WMFAudioDecoder dry run should include decoding
one buffer
* DNA-108478 Disable extension icon on the right side
(where all normal extensions are)
* DNA-108791 Give access to feedbackPopupPrivate
* DNA-109134 Crash at media::FFmpegDemuxer::
OnFindStreamInfoDone(int) if LD_PRELOAD set by user
* DNA-109137 SD images/icons/logo not loading or loading
really slow
* DNA-109182 Please add an event when popup closes
* DNA-109231 Extended click area does not work for groups
* DNA-109242 Session unload kDisablePageLoadsOnStartup
not working
* DNA-109310 Broken session files are not automatically recovered
* DNA-109618 Crash logger RestartAction should be set only
after crash
- Update to 100.0.4815.30
* CHR-9339 Update Chromium on desktop-stable-114-4815 to
114.0.5735.199
* DNA-106986 [Tab strip][Tab islands] Reduce size of tab island
handle
* DNA-107205 Disable banner on fresh installation
'Back up your Opera Browser'
* DNA-107306 Update Contributors list Opera One
* DNA-107337 NotReached in Browser::CloseContents
* DNA-107673 Crash at static void
opera::ComponentTabStripController::ShowHoverCardForGroup()
* DNA-108461 Distribute Aria with the Opera build
* DNA-108540 [Rich Hints] Tab islands – a trigger and anchor
* DNA-108545 Track accelerated video decoding support
* DNA-108606 [Mac] Opening context menu closes subfolders menu
on bookmark bar
* DNA-108664 Set minimum and maximum width for Aria extension
* DNA-108702 Tab falls outside island with specific number of
tabs on tab strip
* DNA-108731 Add 'aria' stat to the schema
* DNA-108760 Record tab islands events
* DNA-108761 Implement ‘Later' functionality
* DNA-108763 Implement ‘Quit while showing onboarding'
* DNA-108806 Command Line not activated when sidebar panel
is opened
* DNA-108858 [Linux] Browser window corners are not rounded
perfectly
* DNA-108863 Sidebar panel isn't properly aligned with sidebar
* DNA-108882 [Icon change] Sync icon without custom image
* DNA-108898 [Autohide] Sidebar panel title bar is not tall
enough
* DNA-108906 Turn on #component-based-context-menu on all streams
* DNA-108907 Empty text (button inactive) button color is wrong
* DNA-108912 Implement rotating animation for Aria command line
* DNA-108921 Enable #opera-one-introduction on all streams
* DNA-108928 Show overlay only if command-line parameter was
given
* DNA-108933 Update repack script to handle introduction
extension
* DNA-108938 Translations for O100
* DNA-108942 Remove Shopping Corner from the sidebar by default
* DNA-108943 Crash at
opera::AriaCommandLineController::~AriaCommandLineController()
* DNA-108949 Make opera://intro display introduction page from
extension
* DNA-108952 Implement splash screen
* DNA-108955 Aria extension is moved to the right after sending
prompt from Command Line when sidebar is set to autohide
* DNA-108957 Opera crashes during shutdown after
opera-one-introduction hid
* DNA-108958 Commandline disappears after clicking Aria
logo on Commandline bar
* DNA-108959 Commandline does not have hover effect on Send
button
* DNA-108980 Add Control+Shift+7 / Command+Shift+7 as alternative
shortcut for Aria command line
* DNA-108992 Opera One introduction appears in every New Window
* DNA-109009 Crash at
opera::component_based::ComponentTabGroup::UpdateTabAppearances()
* DNA-109021 [Stable] No Shopping corner icon in sidebar setup
* DNA-109031 [Tab islands] Island can automatically re-collapse
when clicking handle button to expand it
* DNA-109036 [Private Mode] [Light Team] Icons in address bar
flashed white when pressed
* DNA-109037 [Private Mode][Light] Folders name are not
readable in BB when highlighted
* DNA-109085 Two separators after ‘Search with' option
* DNA-109091 Can't change tab when window is maximized on second
display
* DNA-109096 'Move to workspaces” doesn't fit all workspaces
* DNA-109099 [WinLin] Add Aria command line to Opera menu
* DNA-109102 [O-menu][History] Wrong layout of elements without
icon in history submenu
* DNA-109129 Crash at opera::component_based::OperaOneIntroduction
AnimationController::AnimateHideVisibility()
* DNA-109199 DCHECK when pinning tabs
* DNA-108893 Promote 100 to stable
- Complete Opera 100 changelog at:
https://blogs.opera.com/desktop/changelog-for-100/
- The update to chromium 114.0.5735.199 fixes following issues:
CVE-2023-3420, CVE-2023-3421, CVE-2023-3422
- Update to 99.0.4788.31
* DNA-107338 NotReached in SadTabView::OnPaint
* DNA-107689 Crash at extensions::
ShodanPrivateShowPopupForSelectedTextFunction::Run()
Patchnames
openSUSE-2023-251
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for opera",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for opera fixes the following issues:\n\n- Update to 102.0.4880.40\n\n * DNA-111203 Prepare translations for home button in settings\n\n- Changes in 102.0.4880.38\n\n * DNA-110720 [Sidebar] Sidebar app increase size every time\n it\u0027s reopened\n * DNA-110723 Music logo in light mode of \u0027Select service\u0027\n unreadable on hover\n * DNA-110821 Run-if-alive callback missing in WMFDecoderImpl\n * DNA-110835 Search/copy popup issues\n * DNA-111038 Disable profile migration\n * DNA-111263 Tab island animation incorrect when tabstrip full\n\n- Update to 102.0.4880.33\n\n * CHR-9411 Update Chromium on desktop-stable-116-4880 to\n 116.0.5845.141\n * DNA-110172 [BUG] Images inside popup does not get rounded\n corner\n * DNA-110828 Update chess.com build\n * DNA-110834 Crash at opera::component_based::\n TabAnimationController::StartAnimatedLayout(opera::\n component_based::TabAnimationController::AnimationInfo,\n base::OnceCallback)\n * DNA-111144 Enable a new version of the extension.\n\n- The update to chromium 116.0.5845.141 fixes following issues: \n CVE-2023-4572\n\n- Update to 102.0.4880.29\n\n * DNA-109498 Splash screen is shown on every restart of\n the browser\n * DNA-109698 Test Amazon Music support\n * DNA-109840 Amazon music logo is very small and unreadable\n * DNA-109841 Amazon music logo in player mode is too wide\n * DNA-109842 [opauto] Add tests for Amazon Music in Player\n * DNA-109937 Crash at opera::ComponentTabStripController::\n SetGroupCollapsed(tab_groups::TabGroupId const\u0026, bool)\n * DNA-110107 Clicking roblox link on page closes the tab\n * DNA-110110 [Tab strip][Tab island] Middle/right mouse click\n on top of the screen have no/wrong efect\n * DNA-110125 [Win/Lin] New design for default scrollbars on\n web page\n * DNA-110130 Capture mouse events on the 1-pixel edge to the\n right of the web view\n * DNA-110586 Shadow is clipped if first tab is selected\n * DNA-110637 Revert removal of start page button\n * DNA-110684 Add bookmarks permissions\n * DNA-110702 [Scrollable] Pin group is not aligned with\n address bar\n * DNA-110737 [OMenu] Menu button looks weird\n * DNA-110788 No 1-pixel edge in full screen mode\n * DNA-110828 Update chess.com build\n * DNA-110842 [Tab strip] Make \u2018+\u2019 button round(er) again\n * DNA-110874 Bring back Home button\n * DNA-110876 Search box on Start page without transparency\n * DNA-110878 Turn on Amazon Music on developer\n * DNA-110905 Amazon Music for all given locales\n * DNA-110961 [WinLin] Remove 1-pixel edge in full screen mode\n * DNA-111038 Disable profile migration\n * DNA-111079 Improve user-profile migration\n * DNA-111092 Disable profile migration flag for\n desktop-stable-116-4880\n\n- Update to 102.0.4880.16\n\n * CHR-9396 Update Chromium on desktop-stable-116-4880 to\n 116.0.5845.97\n * DNA-110040 Crash at crash_reporter::(anonymous namespace)::\n AbslAbortHook(char const*, int, char const*, char const*,\n char const*)\n * DNA-110315 O-menu opening after pressing alt on site which\n have action for Alt press\n * DNA-110440 [Tab strip] Tab favicon not cropped when it does\n not fit in tab size\n * DNA-110469 Move Shopping corner and Loomi to\n \u0027Special Features\u0027 section\n * DNA-110510 [Tab strip] Mute icon displayed over tab title\n * DNA-110526 If group is first the tab bar is not aligned\n with address bar\n * DNA-110828 Update chess.com build\n * DNA-110836 Promote 102 to stable\n * DNA-110892 Translations for O102\n * DNA-110962 Fix ab_tests.json preferences override not working\n\n- The update to chromium 116.0.5845.97 fixes following issues: \n CVE-2023-2312, CVE-2023-4349, CVE-2023-4350, CVE-2023-4351,\n CVE-2023-4352, CVE-2023-4353, CVE-2023-4354, CVE-2023-4355,\n CVE-2023-4356, CVE-2023-4357, CVE-2023-4358, CVE-2023-4359,\n CVE-2023-4360, CVE-2023-4361, CVE-2023-4362, CVE-2023-4362,\n CVE-2023-4363, CVE-2023-4364, CVE-2023-4365, CVE-2023-4366,\n CVE-2023-4367, CVE-2023-4368\n- Complete Opera 102 changelog at:\n https://blogs.opera.com/desktop/changelog-for-102/\n\n- Update to 101.0.4843.43\n\n * CHR-9381 Update Chromium on desktop-stable-115-4843 to\n 115.0.5790.171\n * DNA-108919 Tab Island \u0027Move To Island\u0027 highlight color is the\n same as island color\n * DNA-109202 Often extension popup is not displayed\n * DNA-109454 Wallpaper customization with remote resource\n * DNA-109679 Fix typo in flags schema\n * DNA-109927 Add tooltips for visual or incomplete items in\n context menu\n * DNA-110225 Replace Twitter logo in Sidebar with the new one X\n * DNA-110244 Translations for O101\n * DNA-110276 Fix race condition in DeferredInstalledWallpapers\n * DNA-110400 teaser_event_impression counted when user closes\n baner\n\n- The update to chromium 115.0.5790.171 fixes following issues: \n CVE-2023-4068, CVE-2023-4069, CVE-2023-4070, CVE-2023-4071,\n CVE-2023-4072, CVE-2023-4073, CVE-2023-4074, CVE-2023-4075,\n CVE-2023-4076, CVE-2023-4077, CVE-2023-4078\n\n- Update to 101.0.4843.23\n\n * DNA-109400 Enable #adblocker-anticv on developer stream\n * DNA-109423 Add histograms to help track \n #platform-h264-decoder-in-gpu quality\n * DNA-109861 Crash on expading folder on bookmark bar containing\n unnamed subfolder\n * DNA-109872 WMFAudioDecoder reports spurious dry run if\n initialized during pipeline shutdown\n * DNA-109908 Crash at opera::(anonymous namespace)::\n AddNewTabToWorkspaceIfCurrent(Browser*, opera::WorkspaceId)\n (.llvm.13400399341940007321)\n * DNA-110005 Duplicated tabs indicator is not shown on tab bar\n * DNA-110062 [Linux] QT6 dependency issue with .rpm package\n * DNA-110210 Enable #adblocker-anticv on all streams\n * DNA-110244 Translations for O101\n\n- Update to 101.0.4843.25\n\n * CHR-9357 Update Chromium on desktop-stable-115-4843 to\n 115.0.5790.90\n * CHR-9362 Update Chromium on desktop-stable-115-4843 to\n 115.0.5790.102\n * DNA-104841 Create a smooth corner background\n * DNA-108012 [Opera One] Misaligned inner bookmarks menu\n in Opera Menu\n * DNA-109129 Crash at opera::component_based::\n OperaOneIntroductionAnimationController::AnimateHideVisibility()\n * DNA-109209 Dragged island falls under island its being\n dragged over\n * DNA-109266 Crash at content::WebContentsImpl::\n SetDelegate(content::WebContentsDelegate*)\n * DNA-109310 Broken session files are not automatically\n recovered\n * DNA-109448 [AdBlock] Images from ads are missing with AA\n enabled\n * DNA-109587 \u0027Show bookmarks bar\u0027 checkbox on bookmarks\n feature(Dark Mode)\n * DNA-109674 Closing the tabs in the workspace in the other\n window will close Opera\n * DNA-109694 Smooth corners on active tab\n * DNA-109774 Log when trying to switch workspace while\n closing browser\n * DNA-110005 Duplicated tabs indicator is not shown on tab bar\n * DNA-110244 Translations for O101\n- Complete Opera 101 changelog at:\n https://blogs.opera.com/desktop/changelog-for-101/\n\n- Update to 100.0.4815.76\n\n * DNA-109129 Crash at opera::component_based::Opera\n OneIntroductionAnimationController::AnimateHideVisibility()\n * DNA-109233 Crash at crash_reporter::(anonymous namespace)::\n AbslAbortHook(char const*, int, char const*, char const*,\n char const*)\n * DNA-109673 Session stat event teaser_tile_click is not sent\n * DNA-109897 Session is lost when new session file is created\n\n- Changes in 100.0.4815.54\n\n * DNA-109148 Allow AI extension to change permissions during\n update\n * DNA-109172 WMFAudioDecoder fails with\n #platform-aac-decoder-in-gpu enabled\n * DNA-109633 Do not send TabStripEmpty multiple times\n * DNA-109674 Closing the tabs in the workspace in the other\n window will close Opera\n * DNA-109774 Log when trying to switch workspace while\n closing browser\n\n- Changes in 100.0.4815.47\n\n * DNA-108456 WMFAudioDecoder dry run should include decoding\n one buffer\n * DNA-108478 Disable extension icon on the right side\n (where all normal extensions are)\n * DNA-108791 Give access to feedbackPopupPrivate\n * DNA-109134 Crash at media::FFmpegDemuxer::\n OnFindStreamInfoDone(int) if LD_PRELOAD set by user\n * DNA-109137 SD images/icons/logo not loading or loading\n really slow\n * DNA-109182 Please add an event when popup closes\n * DNA-109231 Extended click area does not work for groups\n * DNA-109242 Session unload kDisablePageLoadsOnStartup\n not working\n * DNA-109310 Broken session files are not automatically recovered\n * DNA-109618 Crash logger RestartAction should be set only\n after crash\n \n\n- Update to 100.0.4815.30\n\n * CHR-9339 Update Chromium on desktop-stable-114-4815 to \n 114.0.5735.199\n * DNA-106986 [Tab strip][Tab islands] Reduce size of tab island\n handle\n * DNA-107205 Disable banner on fresh installation\n \u0027Back up your Opera Browser\u0027\n * DNA-107306 Update Contributors list Opera One\n * DNA-107337 NotReached in Browser::CloseContents\n * DNA-107673 Crash at static void \n opera::ComponentTabStripController::ShowHoverCardForGroup()\n * DNA-108461 Distribute Aria with the Opera build\n * DNA-108540 [Rich Hints] Tab islands \u2013 a trigger and anchor\n * DNA-108545 Track accelerated video decoding support\n * DNA-108606 [Mac] Opening context menu closes subfolders menu\n on bookmark bar\n * DNA-108664 Set minimum and maximum width for Aria extension\n * DNA-108702 Tab falls outside island with specific number of\n tabs on tab strip\n * DNA-108731 Add \u0027aria\u0027 stat to the schema\n * DNA-108760 Record tab islands events\n * DNA-108761 Implement \u2018Later\u0027 functionality\n * DNA-108763 Implement \u2018Quit while showing onboarding\u0027\n * DNA-108806 Command Line not activated when sidebar panel\n is opened\n * DNA-108858 [Linux] Browser window corners are not rounded\n perfectly\n * DNA-108863 Sidebar panel isn\u0027t properly aligned with sidebar\n * DNA-108882 [Icon change] Sync icon without custom image\n * DNA-108898 [Autohide] Sidebar panel title bar is not tall\n enough\n * DNA-108906 Turn on #component-based-context-menu on all streams\n * DNA-108907 Empty text (button inactive) button color is wrong\n * DNA-108912 Implement rotating animation for Aria command line\n * DNA-108921 Enable #opera-one-introduction on all streams\n * DNA-108928 Show overlay only if command-line parameter was\n given\n * DNA-108933 Update repack script to handle introduction\n extension\n * DNA-108938 Translations for O100\n * DNA-108942 Remove Shopping Corner from the sidebar by default\n * DNA-108943 Crash at \n opera::AriaCommandLineController::~AriaCommandLineController()\n * DNA-108949 Make opera://intro display introduction page from\n extension\n * DNA-108952 Implement splash screen\n * DNA-108955 Aria extension is moved to the right after sending\n prompt from Command Line when sidebar is set to autohide\n * DNA-108957 Opera crashes during shutdown after\n opera-one-introduction hid\n * DNA-108958 Commandline disappears after clicking Aria\n logo on Commandline bar\n * DNA-108959 Commandline does not have hover effect on Send\n button\n * DNA-108980 Add Control+Shift+7 / Command+Shift+7 as alternative\n shortcut for Aria command line\n * DNA-108992 Opera One introduction appears in every New Window\n * DNA-109009 Crash at\n opera::component_based::ComponentTabGroup::UpdateTabAppearances()\n * DNA-109021 [Stable] No Shopping corner icon in sidebar setup\n * DNA-109031 [Tab islands] Island can automatically re-collapse\n when clicking handle button to expand it\n * DNA-109036 [Private Mode] [Light Team] Icons in address bar\n flashed white when pressed\n * DNA-109037 [Private Mode][Light] Folders name are not\n readable in BB when highlighted\n * DNA-109085 Two separators after \u2018Search with\u0027 option\n * DNA-109091 Can\u0027t change tab when window is maximized on second\n display\n * DNA-109096 \u0027Move to workspaces\u201d doesn\u0027t fit all workspaces\n * DNA-109099 [WinLin] Add Aria command line to Opera menu\n * DNA-109102 [O-menu][History] Wrong layout of elements without\n icon in history submenu\n * DNA-109129 Crash at opera::component_based::OperaOneIntroduction\n AnimationController::AnimateHideVisibility()\n * DNA-109199 DCHECK when pinning tabs\n * DNA-108893 Promote 100 to stable\n- Complete Opera 100 changelog at:\n https://blogs.opera.com/desktop/changelog-for-100/\n- The update to chromium 114.0.5735.199 fixes following issues:\n CVE-2023-3420, CVE-2023-3421, CVE-2023-3422\n\n- Update to 99.0.4788.31\n\n * DNA-107338 NotReached in SadTabView::OnPaint\n * DNA-107689 Crash at extensions::\n ShodanPrivateShowPopupForSelectedTextFunction::Run()\n \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2023-251",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0251-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2023:0251-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OZ42BLWF46DJIINWQUMWAD3MX5OLXGUI/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2023:0251-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OZ42BLWF46DJIINWQUMWAD3MX5OLXGUI/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3420 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3421 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3421/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3422 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3422/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4068 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4069 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4070 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4071 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4072 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4073 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4074 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4075 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4076 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4077 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4078 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4349 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4350 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4351 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4352 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4353 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4354 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4355 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4356 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4357 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4358 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4359 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4360 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4361 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4362 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4363 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4364 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4365 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4366 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4366/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4367 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4368 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4572 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4572/"
}
],
"title": "Security update for opera",
"tracking": {
"current_release_date": "2023-09-23T12:02:01Z",
"generator": {
"date": "2023-09-23T12:02:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2023:0251-1",
"initial_release_date": "2023-09-23T12:02:01Z",
"revision_history": [
{
"date": "2023-09-23T12:02:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "opera-102.0.4880.40-lp154.2.50.1.x86_64",
"product": {
"name": "opera-102.0.4880.40-lp154.2.50.1.x86_64",
"product_id": "opera-102.0.4880.40-lp154.2.50.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.4 NonFree",
"product": {
"name": "openSUSE Leap 15.4 NonFree",
"product_id": "openSUSE Leap 15.4 NonFree",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "opera-102.0.4880.40-lp154.2.50.1.x86_64 as component of openSUSE Leap 15.4 NonFree",
"product_id": "openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
},
"product_reference": "opera-102.0.4880.40-lp154.2.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4 NonFree"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2312"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2312",
"url": "https://www.suse.com/security/cve/CVE-2023-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-2312",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-2312"
},
{
"cve": "CVE-2023-3420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3420"
}
],
"notes": [
{
"category": "general",
"text": "Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3420",
"url": "https://www.suse.com/security/cve/CVE-2023-3420"
},
{
"category": "external",
"summary": "SUSE Bug 1212755 for CVE-2023-3420",
"url": "https://bugzilla.suse.com/1212755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-3420"
},
{
"cve": "CVE-2023-3421",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3421"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3421",
"url": "https://www.suse.com/security/cve/CVE-2023-3421"
},
{
"category": "external",
"summary": "SUSE Bug 1212755 for CVE-2023-3421",
"url": "https://bugzilla.suse.com/1212755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-3421"
},
{
"cve": "CVE-2023-3422",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3422"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3422",
"url": "https://www.suse.com/security/cve/CVE-2023-3422"
},
{
"category": "external",
"summary": "SUSE Bug 1212755 for CVE-2023-3422",
"url": "https://bugzilla.suse.com/1212755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-3422"
},
{
"cve": "CVE-2023-4068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4068"
}
],
"notes": [
{
"category": "general",
"text": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4068",
"url": "https://www.suse.com/security/cve/CVE-2023-4068"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4068",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4068"
},
{
"cve": "CVE-2023-4069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4069"
}
],
"notes": [
{
"category": "general",
"text": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4069",
"url": "https://www.suse.com/security/cve/CVE-2023-4069"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4069",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4069"
},
{
"cve": "CVE-2023-4070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4070"
}
],
"notes": [
{
"category": "general",
"text": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4070",
"url": "https://www.suse.com/security/cve/CVE-2023-4070"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4070",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4070"
},
{
"cve": "CVE-2023-4071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4071"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in Visuals in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4071",
"url": "https://www.suse.com/security/cve/CVE-2023-4071"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4071",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4071"
},
{
"cve": "CVE-2023-4072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4072"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4072",
"url": "https://www.suse.com/security/cve/CVE-2023-4072"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4072",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4072"
},
{
"cve": "CVE-2023-4073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4073"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4073",
"url": "https://www.suse.com/security/cve/CVE-2023-4073"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4073",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4073"
},
{
"cve": "CVE-2023-4074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4074"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4074",
"url": "https://www.suse.com/security/cve/CVE-2023-4074"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4074",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4074"
},
{
"cve": "CVE-2023-4075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4075"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4075",
"url": "https://www.suse.com/security/cve/CVE-2023-4075"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4075",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4075"
},
{
"cve": "CVE-2023-4076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4076"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4076",
"url": "https://www.suse.com/security/cve/CVE-2023-4076"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4076",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4076"
},
{
"cve": "CVE-2023-4077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4077"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4077",
"url": "https://www.suse.com/security/cve/CVE-2023-4077"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4077",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4077"
},
{
"cve": "CVE-2023-4078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4078"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4078",
"url": "https://www.suse.com/security/cve/CVE-2023-4078"
},
{
"category": "external",
"summary": "SUSE Bug 1213920 for CVE-2023-4078",
"url": "https://bugzilla.suse.com/1213920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4078"
},
{
"cve": "CVE-2023-4349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4349"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4349",
"url": "https://www.suse.com/security/cve/CVE-2023-4349"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4349",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4349"
},
{
"cve": "CVE-2023-4350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4350"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4350",
"url": "https://www.suse.com/security/cve/CVE-2023-4350"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4350",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4350"
},
{
"cve": "CVE-2023-4351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4351"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4351",
"url": "https://www.suse.com/security/cve/CVE-2023-4351"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4351",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4351"
},
{
"cve": "CVE-2023-4352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4352"
}
],
"notes": [
{
"category": "general",
"text": "Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4352",
"url": "https://www.suse.com/security/cve/CVE-2023-4352"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4352",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4352"
},
{
"cve": "CVE-2023-4353",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4353"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4353",
"url": "https://www.suse.com/security/cve/CVE-2023-4353"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4353",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4353"
},
{
"cve": "CVE-2023-4354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4354"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4354",
"url": "https://www.suse.com/security/cve/CVE-2023-4354"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4354",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4354"
},
{
"cve": "CVE-2023-4355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4355"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4355",
"url": "https://www.suse.com/security/cve/CVE-2023-4355"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4355",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4355"
},
{
"cve": "CVE-2023-4356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4356"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4356",
"url": "https://www.suse.com/security/cve/CVE-2023-4356"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4356",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4356"
},
{
"cve": "CVE-2023-4357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4357"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4357",
"url": "https://www.suse.com/security/cve/CVE-2023-4357"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4357",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4357"
},
{
"cve": "CVE-2023-4358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4358"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4358",
"url": "https://www.suse.com/security/cve/CVE-2023-4358"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4358",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4358"
},
{
"cve": "CVE-2023-4359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4359"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4359",
"url": "https://www.suse.com/security/cve/CVE-2023-4359"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4359",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4359"
},
{
"cve": "CVE-2023-4360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4360"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4360",
"url": "https://www.suse.com/security/cve/CVE-2023-4360"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4360",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4360"
},
{
"cve": "CVE-2023-4361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4361"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4361",
"url": "https://www.suse.com/security/cve/CVE-2023-4361"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4361",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4361"
},
{
"cve": "CVE-2023-4362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4362"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4362",
"url": "https://www.suse.com/security/cve/CVE-2023-4362"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4362",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4362"
},
{
"cve": "CVE-2023-4363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4363"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4363",
"url": "https://www.suse.com/security/cve/CVE-2023-4363"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4363",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4363"
},
{
"cve": "CVE-2023-4364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4364"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4364",
"url": "https://www.suse.com/security/cve/CVE-2023-4364"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4364",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4364"
},
{
"cve": "CVE-2023-4365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4365"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4365",
"url": "https://www.suse.com/security/cve/CVE-2023-4365"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4365",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4365"
},
{
"cve": "CVE-2023-4366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4366"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4366",
"url": "https://www.suse.com/security/cve/CVE-2023-4366"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4366",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4366"
},
{
"cve": "CVE-2023-4367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4367"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4367",
"url": "https://www.suse.com/security/cve/CVE-2023-4367"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4367",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4367"
},
{
"cve": "CVE-2023-4368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4368"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4368",
"url": "https://www.suse.com/security/cve/CVE-2023-4368"
},
{
"category": "external",
"summary": "SUSE Bug 1214301 for CVE-2023-4368",
"url": "https://bugzilla.suse.com/1214301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4368"
},
{
"cve": "CVE-2023-4572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4572"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4572",
"url": "https://www.suse.com/security/cve/CVE-2023-4572"
},
{
"category": "external",
"summary": "SUSE Bug 1214758 for CVE-2023-4572",
"url": "https://bugzilla.suse.com/1214758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-102.0.4880.40-lp154.2.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-23T12:02:01Z",
"details": "important"
}
],
"title": "CVE-2023-4572"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…