Chaobin Zhang

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 124.0.6367.60 Microsoft Edge (affected versions not specified) **Description** The issue is related to a use after free in the Downloads component, which can be exploited by a remote attacker to potentially corrupt the heap via a crafted HTML page. This could allow the attacker to execute arbitrary code. **Recommendations** For Google Chrome versions prior to 124.0.6367.60, update to version 124.0.6367.60 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 119.0.6045.105 **Description** The issue is related to a use after free in Reading Mode, which could allow a remote attacker to potentially exploit heap corruption via specific UI gestures if a user is convinced to engage in these gestures. This could lead to unauthorized access to protected information using a specially crafted web page. **Recommendations** For Google Chrome versions prior to 119.0.6045.105, update to version 119.0.6045.105 or later to resolve the issue. As a temporary workaround, consider avoiding the use of Reading Mode until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome on ChromeOS versions prior to 115.0.5790.131 **Description** The issue allows an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. This can occur due to a use after free in Diagnostics. **Recommendations** For versions prior to 115.0.5790.131, update to version 115.0.5790.131 or later to resolve the issue. As a temporary workaround, consider restricting the installation of extensions to trusted sources until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome on ChromeOS versions prior to 113.0.5672.114 **Description** The issue is related to a use after free in the ChromeOS Camera component, which could allow a remote attacker to potentially exploit heap corruption via specific UI interaction. This could occur if the attacker convinces a user to engage in certain UI interactions. **Recommendations** For Google Chrome on ChromeOS versions prior to 113.0.5672.114, update to version 113.0.5672.114 or later to resolve the issue. As a temporary workaround, consider restricting access to the ChromeOS Camera component until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 101 Firefox ESR versions prior to 91.10 Thunderbird versions prior to 91.10 **Description** The issue arises from the failure to escape the % character when downloading files on Windows, potentially leading to downloads being saved to attacker-influenced paths using variables such as `%HOMEPATH%` or `%APPDATA%`. This could result in an attacker being able to influence the path where a file is saved, potentially leading to security issues. The vulnerability is specific to Windows and does not affect other operating systems. **Recommendations** For Firefox versions prior to 101, update to version 101 or later to resolve the issue. For Firefox ESR versions prior to 91.10, update to version 91.10 or later to resolve the issue. For Thunderbird versions prior to 91.10, update to version 91.10 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the `%` character in download paths until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 102.0.5005.61 Microsoft Edge (affected versions not specified) **Description** The issue is related to insufficient policy enforcement in the Extensions API of Google Chrome and Microsoft Edge browsers. This can be exploited by an attacker, who convinces a user to install a malicious extension, to bypass downloads policy via a crafted HTML page. The attacker can potentially disclose protected information using a specially designed web page. **Recommendations** For Google Chrome versions prior to 102.0.5005.61, update to version 102.0.5005.61 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.