openSUSE 15 Security Update : opera (openSUSE-SU-2025:0111-1)

high Nessus Plugin ID 233751

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2025:0111-1 advisory.

- Update to 117.0.5408.163
* DNA-120683 [Issue back] Sometimes onboarding is blank and useless
* DNA-121682 Backport fix for CVE-2025-2783 to O132, O133, GX132 and Air132
- Changes in 117.0.5408.154
* DNA-121210 After enabling tab scrolling, the tab bar narrows on both the left and right sides
* DNA-121560 Extension updates which requires manual confirmation do not work
- Changes in 117.0.5408.142
* DNA-121314 Use the extra palette color to paint the frame
* DNA-121321 Refactor ColorSet struct
* DNA-121444 Crash at opera::VibesServiceImpl::VibesServiceImpl
* DNA-121477 Add unit tests for ColorSet
* DNA-121488 [ASAN] ColorSetTest.DefaultConstructor fails
- Changes in 117.0.5408.93
* DNA-118548 After pressing Ctrl+F / Cmd+F on the Start Page (SP), the focus should be on the search bar
* DNA-121183 Add 'transparent UI' parameter to Vibe logic
* DNA-121184 Allow to specify extra palette for window background in Vibe logic
* DNA-121232 Enable Slack, Discord and Bluesky flag on all streams
* DNA-121237 Crash at opera::SidebarExpandViewEmbedder::Position
* DNA-121322 [Opera Translate] [Redesign] Expired #translator flag
* DNA-121385 Remove 'passkey' string

- Update to 117.0.5408.53
* DNA-120848 Add 'x' button to close/dismiss translate popup
* DNA-120849 Dismissing popup adds language to never translate from list
* DNA-120951 Optimize MFSVE output handling
* DNA-120972 Crash at TabDesktopMediaList::Refresh
* CHR-9964 Update Chromium on desktop-stable-132-5408 to 132.0.6834.210 Changes in 117.0.5408.47
* CHR-9961 Update Chromium on desktop-stable-132-5408 to 132.0.6834.209

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected opera package.

See Also

http://www.nessus.org/u?b4573f70

https://www.suse.com/security/cve/CVE-2025-2783

Plugin Details

Severity: High

ID: 233751

File Name: openSUSE-2025-0111-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 4/2/2025

Updated: 4/2/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 10.0

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2025-2783

CVSS v3

Risk Factor: High

Base Score: 8.3

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:opensuse:15.6, p-cpe:/a:novell:opensuse:opera

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/1/2025

Vulnerability Publication Date: 3/25/2025

CISA Known Exploited Vulnerability Due Dates: 4/17/2025

Reference Information

CVE: CVE-2025-2783