{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for opera","title":"Title of the patch"},{"category":"description","text":"This update for opera fixes the following issues:\n\n- Update to 99.0.4788.13\n  * CHR-9290 Update Chromium on desktop-stable-113-4788 to\n    113.0.5672.127\n  * DNA-107317 __delayLoadHelper2 crash in crashreporter\n- The update to chromium 113.0.5672.127 fixes following issues:\n  CVE-2023-2721, CVE-2023-2722, CVE-2023-2723, CVE-2023-2724,\n  CVE-2023-2725, CVE-2023-2726\n\n- Update to 99.0.4788.9\n  * CHR-9283 Update Chromium on desktop-stable-113-4788 to\n    113.0.5672.93\n  * DNA-107638 Translations for O99\n  * DNA-107678 Crash Report [@ BrowserContextKeyedServiceFactory::\n    BrowserContextKeyedServiceFactory(char const*,\n    BrowserContextDependencyManager*) ]\n  * DNA-107795 Fix wrong german translation of\n    'Close All Duplicate Tabs'\n  * DNA-107800 Fonts on section#folder and AddSitePanel not\n    readable when animated wallpaper chosen\n  * DNA-107840 Promote O99 to stable\n\n- Update to 98.0.4759.39\n  * DNA-102363 ChromeFileSystemAccessPermissionContextTest.\n    ConfirmSensitiveEntryAccess_DangerousFile fails\n  * DNA-105534 [Add to Opera] Incorrect scroll on modal when\n    browser window size is too small\n  * DNA-106649 Opening new tab when pinned tab is active gives\n    2 active tabs\n  * DNA-107226 Speed Dial freezes and empty space remains after\n    Continue booking tile dragging\n  * DNA-107435 Building archive_source_release target fails\n  * DNA-107441 [Start page] Right mouse click on tile in continue\n    on section opens target site in current tab\n  * DNA-107508 Crash at permissions::PermissionRecoverySuccessRate\n    Tracker::TrackUsage(ContentSettingsType)\n  * DNA-107528 Handle real-time SD impression reporting\n  * DNA-107546 Context menus broken with one workspace\n  * DNA-107548 Paste from Context Menu doesn’t work for Search\n    on StartPage\n  * DNA-107560 Optimize real-time SD impression reporting\n\n- Update to 98.0.4759.15\n  * CHR-9259 Update Chromium on desktop-stable-112-4759 to\n    112.0.5615.121\n  * CHR-9264 Update Chromium on desktop-stable-112-4759 to\n    112.0.5615.165\n  * DNA-104949 Cleanup reauthorizer and permission\n  * DNA-106748 Presubmit problems\n  * DNA-107262 Delete faulty translations\n- The update to chromium 112.0.5615.165 fixes following issues:\n  CVE-2023-2133, CVE-2023-2134, CVE-2023-2135, CVE-2023-2136,\n  CVE-2023-2137\n- Changes in 98.0.4759.6\n  * CHR-9255 Update Chromium on desktop-stable-112-4759 to\n    112.0.5615.87\n  * DNA-106342 Crash when blocking cookies in sidebar \n    web.infobars::InfoBarManager::AddInfoBar(std::Cr::unique_ptr, bool)\n  * DNA-107054 Apply patch for CVE-2023-2033\n  * DNA-107141 Promote O98 to stable\n  * DNA-107142 Translations for O98\n\n- Update to 97.0.4719.83\n  * DNA-106342 Crash when blocking cookies in sidebar web.\n    infobars::InfoBarManager::AddInfoBar(std::Cr::unique_ptr, bool)\n  * DNA-106550 [SD][Drag&Drop] Create a static manual layout for\n    speed dials\n  * DNA-106791 Run smoketests on mac arm builds\n  * DNA-107054 Apply patch for CVE-2023-2033\n- Remove setup_repo.sh, fix non-executable-script rpmlint warning\n  and we do not want create a repo\n\n- Update to 97.0.4719.63\n  * CHR-9245 Update Chromium on desktop-stable-111-4719 to\n    111.0.5563.147\n  * DNA-105919 Set new Baidu search string\n  * DNA-106168 EasySetup update\n\n- Update to 97.0.4719.43\n  * CHR-9236 Update Chromium on desktop-stable-111-4719 to\n    111.0.5563.111\n  * DNA-105141 Tabs to the right of the currently active one swap\n    their position with another when clicked\n  * DNA-106044 Translations for O97\n  * DNA-106300 Fix rule for generating archive_browser_sym_files\n    on crossplatform builds\n  * DNA-106412 Content of popup not generated for some extensions\n    when using more then one worksapce\n  * DNA-106433 Extend Easy Setup API\n  * DNA-106435 Increase timeout for the welcome page\n  * DNA-106453 Public build from desktop-stable-111-4719 do\n    not compile\n- The update to chromium 111.0.5563.111 fixes following issues:\n  CVE-2023-1528, CVE-2023-1529, CVE-2023-1530, CVE-2023-1531,\n  CVE-2023-1532, CVE-2023-1533, CVE-2023-1534\n\n- Update to 97.0.4719.28\n  * DNA-106303 Extension should get proper parent window id from\n    the sidebar API\n  * DNA-106366 Opera crypto crashes on startup during session\n    restore\n- Changes in 97.0.4719.26\n  * CHR-9225 Update Chromium on desktop-stable-111-4719 to\n    111.0.5563.65\n  * DNA-102778 Goth reports error for utils_api test\n  * DNA-104983 Missing encryption option in sync settings\n  * DNA-105293 add RateMe feature to Speed Dials and Suggested\n    Speed Dials section\n  * DNA-105299 Opera crash when closing tab by middle mouse button\n  * DNA-105712 Update linux sandbox dependency for browsertests\n  * DNA-105787 Settings extended with the AI section\n  * DNA-105865 Add reload option for panels in\n    opr.browserSidebarPrivate namespace\n  * DNA-105944 Update checking of widevine certificate expiration\n    to be independent from dateformat\n  * DNA-105959 Update texts – native part\n  * DNA-105961 Import translated texts – native part\n  * DNA-105967 Crash at\n    base::ObserverList::RemoveObserver(PrefObserver const*)\n  * DNA-105973 Turn on #tab-tooltip-close-tabs on all streams\n  * DNA-106061 Hide extension popup\n  * DNA-106062 [Stable A/B Test] React Start Page for Austria,\n    Italy, Spain and France 50%\n  * DNA-106068 Extension shows if developer mode is enabled\n  * DNA-106070 Feedback window for highlight popup displayed in\n    wrong place\n  * DNA-106079 EasySetup Disclaimer – Reduce size\n  * DNA-106085 Crash at\n    TabHoverCardController::OnViewIsDeleting(views::View*)\n  * DNA-106086 Player home page does not show images in dark mode\n  * DNA-106096 Increase prompt window in AB width\n  * DNA-106109 Teasers on start page don’t show transparency\n  * DNA-106114 AI Prompts button is after Reader Mode icon\n  * DNA-106168 EasySetup update\n  * DNA-106212 Promote O97 to stable\n  * DNA-106225 Enable #shodan-extension for all streams\n  * DNA-106229 Update J5 texts\n- The update to chromium 111.0.5563.65 fixes following issues:\n  CVE-2023-1213, CVE-2023-1214, CVE-2023-1215, CVE-2023-1216,\n  CVE-2023-1217, CVE-2023-1218, CVE-2023-1219, CVE-2023-1220,\n  CVE-2023-1221, CVE-2023-1222, CVE-2023-1223, CVE-2023-1224,\n  CVE-2023-1225, CVE-2023-1226, CVE-2023-1227, CVE-2023-1228,\n  CVE-2023-1229, CVE-2023-1230, CVE-2023-1231, CVE-2023-1232,\n  CVE-2023-1233, CVE-2023-1234, CVE-2023-1235, CVE-2023-1236\n\n- Update to 96.0.4693.80\n  * CHR-9221 Update Chromium on desktop-stable-110-4693 to\n    110.0.5481.192\n  * DNA-104501 Opera don’t work with\n    #high-efficiency-mode-available flag\n  * DNA-105860 Enable #google-suggest-entities on all streams\n  * DNA-106062 [Stable A/B Test] React Start Page for Austria,\n    Italy, Spain and France 50%\n\n- Update to 96.0.4693.50\n  * DNA-104420 Creating mechanism to detect specific shortcut\n  * DNA-104742 Wrong button place in opera tools section in\n    sidebar menu\n  * DNA-105141 Tabs to the right of the currently active one swap\n    their position with another when clicked\n  * DNA-105426 Add provisioning profiles during builds signing\n  * DNA-105506 Replace all references to opera-api.com domain\n    with opera-api2.com\n  * DNA-105536 Enable kFeatureExtendedUnstoppableDomains\n    for desktop\n  * DNA-105727 [Rich Hints] Screenshot event must not collide with\n    native PrtScr notification.\n  * DNA-105740 [Rich Hints] Add event_user_survey to the whitelist\n","title":"Description of the patch"},{"category":"details","text":"openSUSE-2023-114","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0114-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2023:0114-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AOK6KL3HWOEESQP5YYTJH4ANDT2XMQRU/"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2023:0114-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AOK6KL3HWOEESQP5YYTJH4ANDT2XMQRU/"},{"category":"self","summary":"SUSE CVE CVE-2023-1213 page","url":"https://www.suse.com/security/cve/CVE-2023-1213/"},{"category":"self","summary":"SUSE CVE CVE-2023-1214 page","url":"https://www.suse.com/security/cve/CVE-2023-1214/"},{"category":"self","summary":"SUSE CVE CVE-2023-1215 page","url":"https://www.suse.com/security/cve/CVE-2023-1215/"},{"category":"self","summary":"SUSE CVE CVE-2023-1216 page","url":"https://www.suse.com/security/cve/CVE-2023-1216/"},{"category":"self","summary":"SUSE CVE CVE-2023-1217 page","url":"https://www.suse.com/security/cve/CVE-2023-1217/"},{"category":"self","summary":"SUSE CVE CVE-2023-1218 page","url":"https://www.suse.com/security/cve/CVE-2023-1218/"},{"category":"self","summary":"SUSE CVE CVE-2023-1219 page","url":"https://www.suse.com/security/cve/CVE-2023-1219/"},{"category":"self","summary":"SUSE CVE CVE-2023-1220 page","url":"https://www.suse.com/security/cve/CVE-2023-1220/"},{"category":"self","summary":"SUSE CVE CVE-2023-1221 page","url":"https://www.suse.com/security/cve/CVE-2023-1221/"},{"category":"self","summary":"SUSE CVE CVE-2023-1222 page","url":"https://www.suse.com/security/cve/CVE-2023-1222/"},{"category":"self","summary":"SUSE CVE CVE-2023-1223 page","url":"https://www.suse.com/security/cve/CVE-2023-1223/"},{"category":"self","summary":"SUSE CVE CVE-2023-1224 page","url":"https://www.suse.com/security/cve/CVE-2023-1224/"},{"category":"self","summary":"SUSE CVE CVE-2023-1225 page","url":"https://www.suse.com/security/cve/CVE-2023-1225/"},{"category":"self","summary":"SUSE CVE CVE-2023-1226 page","url":"https://www.suse.com/security/cve/CVE-2023-1226/"},{"category":"self","summary":"SUSE CVE CVE-2023-1227 page","url":"https://www.suse.com/security/cve/CVE-2023-1227/"},{"category":"self","summary":"SUSE CVE CVE-2023-1228 page","url":"https://www.suse.com/security/cve/CVE-2023-1228/"},{"category":"self","summary":"SUSE CVE CVE-2023-1229 page","url":"https://www.suse.com/security/cve/CVE-2023-1229/"},{"category":"self","summary":"SUSE CVE CVE-2023-1230 page","url":"https://www.suse.com/security/cve/CVE-2023-1230/"},{"category":"self","summary":"SUSE CVE CVE-2023-1231 page","url":"https://www.suse.com/security/cve/CVE-2023-1231/"},{"category":"self","summary":"SUSE CVE CVE-2023-1232 page","url":"https://www.suse.com/security/cve/CVE-2023-1232/"},{"category":"self","summary":"SUSE CVE CVE-2023-1233 page","url":"https://www.suse.com/security/cve/CVE-2023-1233/"},{"category":"self","summary":"SUSE CVE CVE-2023-1234 page","url":"https://www.suse.com/security/cve/CVE-2023-1234/"},{"category":"self","summary":"SUSE CVE CVE-2023-1235 page","url":"https://www.suse.com/security/cve/CVE-2023-1235/"},{"category":"self","summary":"SUSE CVE CVE-2023-1236 page","url":"https://www.suse.com/security/cve/CVE-2023-1236/"},{"category":"self","summary":"SUSE CVE CVE-2023-1528 page","url":"https://www.suse.com/security/cve/CVE-2023-1528/"},{"category":"self","summary":"SUSE CVE CVE-2023-1529 page","url":"https://www.suse.com/security/cve/CVE-2023-1529/"},{"category":"self","summary":"SUSE CVE CVE-2023-1530 page","url":"https://www.suse.com/security/cve/CVE-2023-1530/"},{"category":"self","summary":"SUSE CVE CVE-2023-1531 page","url":"https://www.suse.com/security/cve/CVE-2023-1531/"},{"category":"self","summary":"SUSE CVE CVE-2023-1532 page","url":"https://www.suse.com/security/cve/CVE-2023-1532/"},{"category":"self","summary":"SUSE CVE CVE-2023-1533 page","url":"https://www.suse.com/security/cve/CVE-2023-1533/"},{"category":"self","summary":"SUSE CVE CVE-2023-1534 page","url":"https://www.suse.com/security/cve/CVE-2023-1534/"},{"category":"self","summary":"SUSE CVE CVE-2023-2033 page","url":"https://www.suse.com/security/cve/CVE-2023-2033/"},{"category":"self","summary":"SUSE CVE CVE-2023-2133 page","url":"https://www.suse.com/security/cve/CVE-2023-2133/"},{"category":"self","summary":"SUSE CVE CVE-2023-2134 page","url":"https://www.suse.com/security/cve/CVE-2023-2134/"},{"category":"self","summary":"SUSE CVE CVE-2023-2135 page","url":"https://www.suse.com/security/cve/CVE-2023-2135/"},{"category":"self","summary":"SUSE CVE CVE-2023-2136 page","url":"https://www.suse.com/security/cve/CVE-2023-2136/"},{"category":"self","summary":"SUSE CVE CVE-2023-2137 page","url":"https://www.suse.com/security/cve/CVE-2023-2137/"},{"category":"self","summary":"SUSE CVE CVE-2023-2721 page","url":"https://www.suse.com/security/cve/CVE-2023-2721/"},{"category":"self","summary":"SUSE CVE CVE-2023-2722 page","url":"https://www.suse.com/security/cve/CVE-2023-2722/"},{"category":"self","summary":"SUSE CVE CVE-2023-2723 page","url":"https://www.suse.com/security/cve/CVE-2023-2723/"},{"category":"self","summary":"SUSE CVE CVE-2023-2724 page","url":"https://www.suse.com/security/cve/CVE-2023-2724/"},{"category":"self","summary":"SUSE CVE CVE-2023-2725 page","url":"https://www.suse.com/security/cve/CVE-2023-2725/"},{"category":"self","summary":"SUSE CVE CVE-2023-2726 page","url":"https://www.suse.com/security/cve/CVE-2023-2726/"}],"title":"Security update for opera","tracking":{"current_release_date":"2023-05-27T12:01:46Z","generator":{"date":"2023-05-27T12:01:46Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2023:0114-1","initial_release_date":"2023-05-27T12:01:46Z","revision_history":[{"date":"2023-05-27T12:01:46Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"opera-99.0.4788.13-lp154.2.47.1.x86_64","product":{"name":"opera-99.0.4788.13-lp154.2.47.1.x86_64","product_id":"opera-99.0.4788.13-lp154.2.47.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"openSUSE Leap 15.4 NonFree","product":{"name":"openSUSE Leap 15.4 NonFree","product_id":"openSUSE Leap 15.4 NonFree","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.4"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"opera-99.0.4788.13-lp154.2.47.1.x86_64 as component of openSUSE Leap 15.4 NonFree","product_id":"openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"},"product_reference":"opera-99.0.4788.13-lp154.2.47.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.4 NonFree"}]},"vulnerabilities":[{"cve":"CVE-2023-1213","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1213"}],"notes":[{"category":"general","text":"Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1213","url":"https://www.suse.com/security/cve/CVE-2023-1213"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1213","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1213"},{"cve":"CVE-2023-1214","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1214"}],"notes":[{"category":"general","text":"Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1214","url":"https://www.suse.com/security/cve/CVE-2023-1214"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1214","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1214"},{"cve":"CVE-2023-1215","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1215"}],"notes":[{"category":"general","text":"Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1215","url":"https://www.suse.com/security/cve/CVE-2023-1215"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1215","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1215"},{"cve":"CVE-2023-1216","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1216"}],"notes":[{"category":"general","text":"Use after free in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had convienced the user to engage in direct UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1216","url":"https://www.suse.com/security/cve/CVE-2023-1216"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1216","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1216"},{"cve":"CVE-2023-1217","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1217"}],"notes":[{"category":"general","text":"Stack buffer overflow in Crash reporting in Google Chrome on Windows prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1217","url":"https://www.suse.com/security/cve/CVE-2023-1217"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1217","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1217"},{"cve":"CVE-2023-1218","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1218"}],"notes":[{"category":"general","text":"Use after free in WebRTC in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1218","url":"https://www.suse.com/security/cve/CVE-2023-1218"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1218","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1218"},{"cve":"CVE-2023-1219","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1219"}],"notes":[{"category":"general","text":"Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1219","url":"https://www.suse.com/security/cve/CVE-2023-1219"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1219","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1219"},{"cve":"CVE-2023-1220","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1220"}],"notes":[{"category":"general","text":"Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1220","url":"https://www.suse.com/security/cve/CVE-2023-1220"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1220","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1220"},{"cve":"CVE-2023-1221","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1221"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Extensions API in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1221","url":"https://www.suse.com/security/cve/CVE-2023-1221"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1221","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1221"},{"cve":"CVE-2023-1222","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1222"}],"notes":[{"category":"general","text":"Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1222","url":"https://www.suse.com/security/cve/CVE-2023-1222"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1222","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1222"},{"cve":"CVE-2023-1223","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1223"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1223","url":"https://www.suse.com/security/cve/CVE-2023-1223"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1223","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1223"},{"cve":"CVE-2023-1224","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1224"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1224","url":"https://www.suse.com/security/cve/CVE-2023-1224"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1224","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1224"},{"cve":"CVE-2023-1225","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1225"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1225","url":"https://www.suse.com/security/cve/CVE-2023-1225"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1225","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1225"},{"cve":"CVE-2023-1226","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1226"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1226","url":"https://www.suse.com/security/cve/CVE-2023-1226"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1226","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1226"},{"cve":"CVE-2023-1227","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1227"}],"notes":[{"category":"general","text":"Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1227","url":"https://www.suse.com/security/cve/CVE-2023-1227"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1227","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1227"},{"cve":"CVE-2023-1228","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1228"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1228","url":"https://www.suse.com/security/cve/CVE-2023-1228"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1228","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1228"},{"cve":"CVE-2023-1229","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1229"}],"notes":[{"category":"general","text":"Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1229","url":"https://www.suse.com/security/cve/CVE-2023-1229"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1229","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1229"},{"cve":"CVE-2023-1230","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1230"}],"notes":[{"category":"general","text":"Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1230","url":"https://www.suse.com/security/cve/CVE-2023-1230"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1230","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1230"},{"cve":"CVE-2023-1231","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1231"}],"notes":[{"category":"general","text":"Inappropriate implementation in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to potentially spoof the contents of the omnibox via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1231","url":"https://www.suse.com/security/cve/CVE-2023-1231"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1231","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1231"},{"cve":"CVE-2023-1232","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1232"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from API via a crafted HTML page. (Chromium security severity: Low)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1232","url":"https://www.suse.com/security/cve/CVE-2023-1232"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1232","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1232"},{"cve":"CVE-2023-1233","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1233"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from API via a crafted Chrome Extension. (Chromium security severity: Low)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1233","url":"https://www.suse.com/security/cve/CVE-2023-1233"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1233","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1233"},{"cve":"CVE-2023-1234","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1234"}],"notes":[{"category":"general","text":"Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1234","url":"https://www.suse.com/security/cve/CVE-2023-1234"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1234","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1234"},{"cve":"CVE-2023-1235","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1235"}],"notes":[{"category":"general","text":"Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1235","url":"https://www.suse.com/security/cve/CVE-2023-1235"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1235","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1235"},{"cve":"CVE-2023-1236","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1236"}],"notes":[{"category":"general","text":"Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. (Chromium security severity: Low)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1236","url":"https://www.suse.com/security/cve/CVE-2023-1236"},{"category":"external","summary":"SUSE Bug 1209040 for CVE-2023-1236","url":"https://bugzilla.suse.com/1209040"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-1236"},{"cve":"CVE-2023-1528","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1528"}],"notes":[{"category":"general","text":"Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1528","url":"https://www.suse.com/security/cve/CVE-2023-1528"},{"category":"external","summary":"SUSE Bug 1209598 for CVE-2023-1528","url":"https://bugzilla.suse.com/1209598"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-1528"},{"cve":"CVE-2023-1529","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1529"}],"notes":[{"category":"general","text":"Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1529","url":"https://www.suse.com/security/cve/CVE-2023-1529"},{"category":"external","summary":"SUSE Bug 1209598 for CVE-2023-1529","url":"https://bugzilla.suse.com/1209598"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-1529"},{"cve":"CVE-2023-1530","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1530"}],"notes":[{"category":"general","text":"Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1530","url":"https://www.suse.com/security/cve/CVE-2023-1530"},{"category":"external","summary":"SUSE Bug 1209598 for CVE-2023-1530","url":"https://bugzilla.suse.com/1209598"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-1530"},{"cve":"CVE-2023-1531","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1531"}],"notes":[{"category":"general","text":"Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1531","url":"https://www.suse.com/security/cve/CVE-2023-1531"},{"category":"external","summary":"SUSE Bug 1209598 for CVE-2023-1531","url":"https://bugzilla.suse.com/1209598"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-1531"},{"cve":"CVE-2023-1532","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1532"}],"notes":[{"category":"general","text":"Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1532","url":"https://www.suse.com/security/cve/CVE-2023-1532"},{"category":"external","summary":"SUSE Bug 1209598 for CVE-2023-1532","url":"https://bugzilla.suse.com/1209598"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-1532"},{"cve":"CVE-2023-1533","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1533"}],"notes":[{"category":"general","text":"Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1533","url":"https://www.suse.com/security/cve/CVE-2023-1533"},{"category":"external","summary":"SUSE Bug 1209598 for CVE-2023-1533","url":"https://bugzilla.suse.com/1209598"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-1533"},{"cve":"CVE-2023-1534","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-1534"}],"notes":[{"category":"general","text":"Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-1534","url":"https://www.suse.com/security/cve/CVE-2023-1534"},{"category":"external","summary":"SUSE Bug 1209598 for CVE-2023-1534","url":"https://bugzilla.suse.com/1209598"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-1534"},{"cve":"CVE-2023-2033","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2033"}],"notes":[{"category":"general","text":"Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2033","url":"https://www.suse.com/security/cve/CVE-2023-2033"},{"category":"external","summary":"SUSE Bug 1210478 for CVE-2023-2033","url":"https://bugzilla.suse.com/1210478"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-2033"},{"cve":"CVE-2023-2133","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2133"}],"notes":[{"category":"general","text":"Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2133","url":"https://www.suse.com/security/cve/CVE-2023-2133"},{"category":"external","summary":"SUSE Bug 1210618 for CVE-2023-2133","url":"https://bugzilla.suse.com/1210618"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-2133"},{"cve":"CVE-2023-2134","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2134"}],"notes":[{"category":"general","text":"Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2134","url":"https://www.suse.com/security/cve/CVE-2023-2134"},{"category":"external","summary":"SUSE Bug 1210618 for CVE-2023-2134","url":"https://bugzilla.suse.com/1210618"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-2134"},{"cve":"CVE-2023-2135","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2135"}],"notes":[{"category":"general","text":"Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2135","url":"https://www.suse.com/security/cve/CVE-2023-2135"},{"category":"external","summary":"SUSE Bug 1210618 for CVE-2023-2135","url":"https://bugzilla.suse.com/1210618"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-2135"},{"cve":"CVE-2023-2136","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2136"}],"notes":[{"category":"general","text":"Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2136","url":"https://www.suse.com/security/cve/CVE-2023-2136"},{"category":"external","summary":"SUSE Bug 1210618 for CVE-2023-2136","url":"https://bugzilla.suse.com/1210618"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.6,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"critical"}],"title":"CVE-2023-2136"},{"cve":"CVE-2023-2137","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2137"}],"notes":[{"category":"general","text":"Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2137","url":"https://www.suse.com/security/cve/CVE-2023-2137"},{"category":"external","summary":"SUSE Bug 1210618 for CVE-2023-2137","url":"https://bugzilla.suse.com/1210618"},{"category":"external","summary":"SUSE Bug 1210660 for CVE-2023-2137","url":"https://bugzilla.suse.com/1210660"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-2137"},{"cve":"CVE-2023-2721","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2721"}],"notes":[{"category":"general","text":"Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2721","url":"https://www.suse.com/security/cve/CVE-2023-2721"},{"category":"external","summary":"SUSE Bug 1211442 for CVE-2023-2721","url":"https://bugzilla.suse.com/1211442"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-2721"},{"cve":"CVE-2023-2722","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2722"}],"notes":[{"category":"general","text":"Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2722","url":"https://www.suse.com/security/cve/CVE-2023-2722"},{"category":"external","summary":"SUSE Bug 1211442 for CVE-2023-2722","url":"https://bugzilla.suse.com/1211442"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-2722"},{"cve":"CVE-2023-2723","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2723"}],"notes":[{"category":"general","text":"Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2723","url":"https://www.suse.com/security/cve/CVE-2023-2723"},{"category":"external","summary":"SUSE Bug 1211442 for CVE-2023-2723","url":"https://bugzilla.suse.com/1211442"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-2723"},{"cve":"CVE-2023-2724","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2724"}],"notes":[{"category":"general","text":"Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2724","url":"https://www.suse.com/security/cve/CVE-2023-2724"},{"category":"external","summary":"SUSE Bug 1211442 for CVE-2023-2724","url":"https://bugzilla.suse.com/1211442"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-2724"},{"cve":"CVE-2023-2725","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2725"}],"notes":[{"category":"general","text":"Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2725","url":"https://www.suse.com/security/cve/CVE-2023-2725"},{"category":"external","summary":"SUSE Bug 1211442 for CVE-2023-2725","url":"https://bugzilla.suse.com/1211442"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-2725"},{"cve":"CVE-2023-2726","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-2726"}],"notes":[{"category":"general","text":"Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium)","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-2726","url":"https://www.suse.com/security/cve/CVE-2023-2726"},{"category":"external","summary":"SUSE Bug 1211442 for CVE-2023-2726","url":"https://bugzilla.suse.com/1211442"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.4 NonFree:opera-99.0.4788.13-lp154.2.47.1.x86_64"]}],"threats":[{"category":"impact","date":"2023-05-27T12:01:46Z","details":"important"}],"title":"CVE-2023-2726"}]}