Jay Bosamiya

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 72.0.3626.81 **Description** The issue is related to the incorrect handling of negative zero in V8, a JavaScript engine used by Google Chrome. This allows a remote attacker to perform arbitrary read/write operations via a crafted HTML page. The vulnerability can be exploited to execute arbitrary code, giving an attacker the ability to view or modify arbitrary data. **Recommendations** For versions prior to 72.0.3626.81, update to version 72.0.3626.81 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: CPython versions up to 2.7.13 Description: The issue is related to an integer overflow in the `PyString DecodeEscape` function in `stringobject.c`, which can lead to a heap-based buffer overflow and potentially allow for arbitrary code execution. This can be exploited by a remote attacker. Recommendations: For versions up to 2.7.13, update to a version that includes a fix for the integer overflow in the `PyString DecodeEscape` function to prevent heap-based buffer overflow and possible arbitrary code execution. As a temporary workaround, consider restricting the use of the `PyString DecodeEscape` function until a patch is available.