Axel Chong

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 144 Thunderbird versions prior to 144 **Description** A flaw exists where links within a sandboxed iframe can trigger the opening of an external application on Android devices, bypassing the necessary "allow-" permissions. This could potentially allow for unauthorized access or execution of applications. **Recommendations** Update Firefox to version 144 or later. Update Thunderbird to version 144 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox (affected versions not specified) **Description** The vulnerability in Mozilla Firefox on Android operating systems relates to a flaw in the data protection mechanism. Remote exploitation of this issue may allow an attacker to bypass existing security restrictions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 119.0.6045.105 **Description** The issue is related to an inappropriate implementation in the WebApp Provider component of Google Chrome, which may allow a remote attacker to obfuscate the security UI via a crafted HTML page. This could potentially lead to unauthorized access to protected information. The severity of this issue is considered low. **Recommendations** For versions prior to 119.0.6045.105, update to version 119.0.6045.105 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious HTML pages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 119.0.6045.105 **Description** The issue is related to the Picture in Picture technology in Google Chrome, where a remote attacker can exploit it to spoof the contents of the URL bar using a specially crafted HTML page. This can lead to the distortion of important information in the user interface. **Recommendations** For versions prior to 119.0.6045.105, update to version 119.0.6045.105 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Picture in Picture feature until a patch is applied. Avoid using specially crafted HTML pages that can exploit this issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 118.0.5993.70 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in DevTools, allowing an attacker to bypass discretionary access control via a crafted Chrome Extension if a user is convinced to install a malicious extension. Additionally, there is a buffer overflow vulnerability that can be exploited by a remote attacker using a specially crafted PDF file, potentially allowing the execution of arbitrary code. **Recommendations** For Google Chrome versions prior to 118.0.5993.70, update to version 118.0.5993.70 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 118.0.5993.70 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in the Extensions API, allowing an attacker to bypass an enterprise policy via a crafted HTML page. This could enable a remote attacker to gain unauthorized access to protected information using a specially crafted HTML page. **Recommendations** For Google Chrome versions prior to 118.0.5993.70, update to version 118.0.5993.70 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 117.0.5938.62 **Description** The issue is related to an inappropriate implementation in the Picture in Picture feature of Google Chrome, allowing a remote attacker to spoof security UI via a crafted HTML page. This could enable the attacker to bypass security restrictions. The severity of this issue is classified as Low by Chromium. **Recommendations** For Google Chrome versions prior to 117.0.5938.62, update to version 117.0.5938.62 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the Picture in Picture feature until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 117.0.5938.62 **Description** The issue is related to an inappropriate implementation in Interstitials, allowing a remote attacker to obfuscate security UI via a crafted HTML page. This could enable the attacker to bypass security restrictions. The severity of this issue is classified as Low by Chromium. **Recommendations** For Google Chrome versions prior to 117.0.5938.62, update to version 117.0.5938.62 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted HTML pages that could exploit this issue until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 117.0.5938.62 **Description** The issue is related to an inappropriate implementation in the Input component of Google Chrome, which can be exploited by a remote attacker to spoof the security UI via a crafted HTML page. This can potentially allow an attacker to manipulate the user interface. **Recommendations** For Google Chrome versions prior to 117.0.5938.62, update to version 117.0.5938.62 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted HTML pages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 116.0.5845.96 **Description** The issue is related to insufficient policy enforcement in the Extensions API of Google Chrome, allowing a remote attacker to bypass existing security restrictions. This can be achieved by convincing a user to install a malicious extension, which can then use a crafted HTML page to bypass an enterprise policy. **Recommendations** For versions prior to 116.0.5845.96, update to version 116.0.5845.96 or later to resolve the issue. As a temporary workaround, consider restricting the installation of extensions to minimize the risk of exploitation. Additionally, avoid using crafted HTML pages that could be used to bypass enterprise policies until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 116.0.5845.96 **Description** The issue is related to an inappropriate implementation in Color, allowing a remote attacker to obfuscate security UI via a crafted HTML page. This could enable the attacker to bypass existing security restrictions. The severity of this issue is classified as Medium by Chromium. **Recommendations** For Google Chrome versions prior to 116.0.5845.96, update to version 116.0.5845.96 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted HTML pages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 116.0.5845.96 **Description** The issue is related to insufficient policy enforcement in the Extensions API of Google Chrome, allowing a remote attacker to install arbitrary extensions using a specially crafted HTML page. This could enable an attacker to bypass an enterprise policy if a user is convinced to install a malicious extension. **Recommendations** For versions prior to 116.0.5845.96, update to version 116.0.5845.96 or later to resolve the issue. As a temporary workaround, consider restricting the installation of extensions to minimize the risk of exploitation. Avoid using crafted HTML pages that could bypass enterprise policies until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Node.js versions 16.x through 20.x **Description** The issue is related to the use of `module.constructor.createRequire()`, which can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This affects all users using the experimental policy mechanism in the mentioned release lines. The policy is an experimental feature of Node.js. **Recommendations** For Node.js versions 16.x through 20.x, consider disabling the use of `module.constructor.createRequire()` until a patch is available to prevent bypassing the policy mechanism. Restrict access to modules outside of the policy.json definition to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 116 Firefox ESR versions prior to 102.14 Firefox ESR versions prior to 115.1 **Description** A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This issue is related to incorrect handling of insufficient permissions due to an error in the calculation of the delay of popup notifications, which may allow a remote attacker to conduct clickjacking attacks. **Recommendations** For Firefox versions prior to 116, update to version 116 or later. For Firefox ESR versions prior to 102.14, update to version 102.14 or later. For Firefox ESR versions prior to 115.1, update to version 115.1 or later.

**Name of the Vulnerable Software and Affected Versions** Node.js version 20 **Description** A vulnerability has been discovered in the experimental permission model of Node.js, specifically related to improper handling of Buffers in file system APIs, causing a traversal path to bypass when verifying file permissions. This issue affects all users using the experimental permission model in Node.js 20. The vulnerability can be exploited by specifying a path traversal sequence in a Buffer, allowing an attacker to bypass security restrictions and gain unauthorized access to protected information. **Recommendations** For Node.js version 20, consider disabling the experimental permission model until a patch is available. As a temporary workaround, restrict access to file system APIs to minimize the risk of exploitation. Avoid using Buffers with path traversal sequences in file system APIs until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Node.js versions 20 **Description** The issue arises from a missing check in the `fs.mkdtemp()` API, allowing a malicious actor to bypass the permission model check using a path traversal attack. This can lead to the creation of an arbitrary directory. The vulnerability affects all users using the experimental permission model in Node.js. **Recommendations** For Node.js version 20, consider disabling the `fs.mkdtemp()` and `fs.mkdtempSync()` functions until a patch is available to prevent exploitation. Restrict access to the vulnerable API endpoints to minimize the risk of arbitrary directory creation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 120.0.6099.62 **Description** The issue is related to an inappropriate implementation in the Web Browser UI, allowing a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. This could be exploited by a remote attacker using a specially crafted HTML page. **Recommendations** For Google Chrome versions prior to 120.0.6099.62, update to version 120.0.6099.62 or later to resolve the issue. As a temporary workaround, consider restricting the use of iframe dialog context menus until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Node.js version 20 **Description** A vulnerability has been discovered in Node.js, specifically within the experimental permission model. This flaw relates to improper handling of path traversal bypass when verifying file permissions. The vulnerability may allow a remote attacker to impact the integrity of protected information due to incorrect restriction of the directory path name with limited access. **Recommendations** For Node.js version 20, as a temporary workaround, consider disabling the experimental permission model until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation. Avoid using the vulnerable permission model in production environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Node.js versions v16, v18, and v20 **Description** The issue is related to the use of ` proto ` in `process.mainModule. proto .require()`, which can bypass the policy mechanism and allow requiring modules outside of the `policy.json` definition. This affects users of the experimental policy mechanism in the mentioned release lines. The policy is noted as an experimental feature of Node.js at the time of issue identification. **Recommendations** For Node.js versions v16, v18, and v20, consider disabling the use of ` proto ` in `process.mainModule. proto .require()` as a temporary workaround until a patch is available. Restrict access to modules outside of the `policy.json` definition to minimize the risk of exploitation. Avoid using the experimental policy mechanism in production environments until a stable version is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 112 Firefox ESR versions prior to 102.10 Thunderbird versions prior to 102.10 **Description** The issue is related to insufficient protection of internal data when handling the "Save Link As" dialog, allowing an attacker to gain unauthorized access to protected information. This occurs when suggested filenames contain environment variable names, which are resolved in the context of the current user. The vulnerability affects Firefox and Thunderbird on Windows, allowing a remote attacker to access confidential information in the system. **Recommendations** For Firefox versions prior to 112: Update to version 112 or later to resolve the issue. For Firefox ESR versions prior to 102.10: Update to version 102.10 or later to resolve the issue. For Thunderbird versions prior to 102.10: Update to version 102.10 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the "Save Link As" feature with suggested filenames containing environment variable names until a patch is available.