18楼梦想改造家

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 121.0.6167.85 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free in the Passwords component, which can potentially allow a remote attacker to exploit heap corruption via specific UI interaction. This could lead to arbitrary code execution. The severity of this issue is classified as Medium by Chromium security. **Recommendations** For Google Chrome versions prior to 121.0.6167.85, update to version 121.0.6167.85 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 118.0.5993.70 **Description** The issue is related to a use after free vulnerability in the Site Isolation component of Google Chrome, which can be exploited by a remote attacker using a specially crafted HTML page, potentially allowing for arbitrary code execution. This could lead to heap corruption. **Recommendations** For versions prior to 118.0.5993.70, update to version 118.0.5993.70 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable HTML pages until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 118.0.5993.117 Microsoft Edge versions prior to 118.0.5993.117 **Description** The issue is related to a use after free in the Profiles component, which can be exploited by a remote attacker using a crafted HTML page. This could potentially lead to heap corruption, allowing the attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Google Chrome versions prior to 118.0.5993.117, update to version 118.0.5993.117 or later to resolve the issue. For Microsoft Edge versions prior to 118.0.5993.117, update to version 118.0.5993.117 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted HTML pages until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 16 iOS versions prior to 15.7 and 16 iPadOS versions prior to 15.7 macOS versions prior to Ventura 13 **Description** An access issue was addressed with improvements to the sandbox, which may allow a sandboxed process to circumvent sandbox restrictions. **Recommendations** For Safari versions prior to 16, update to Safari 16. For iOS versions prior to 15.7 and 16, update to iOS 15.7 or iOS 16. For iPadOS versions prior to 15.7, update to iPadOS 15.7. For macOS versions prior to Ventura 13, update to macOS Ventura 13.