Darknavygit

#22014 of 53,622
10.7 Total CVSS
Vulnerabilities · 2
Medium · 2
PT-2024-18990 · CVSS 5.4 · 2024-01-13
Unknown · Chromium Embedded Framework · CVE-2024-21640

**Name of the Vulnerable Software and Affected Versions**
Chromium Embedded Framework (CEF) (affected versions not specified)

**Description**
The issue arises from the `CefVideoConsumerOSR::OnFrameCaptured` function not properly checking the `pixel format`, leading to an out-of-bounds read outside of the sandbox.

**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2024-18989 · CVSS 5.3 · 2024-01-12
Cef · Cef · CVE-2024-21639

**Name of the Vulnerable Software and Affected Versions**
CEF (Chromium Embedded Framework) versions prior to the version containing commit 1f55d2e

**Description**
The issue arises from the `CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory` function not checking the size of the shared memory, leading to an out-of-bounds read outside the sandbox. This is a problem in CEF, a framework for embedding Chromium-based browsers in other applications.

**Recommendations**
For versions prior to the one containing commit 1f55d2e, update to a version that includes the patch commit 1f55d2e to resolve the issue. As a temporary workaround, consider restricting access to the `CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory` function until a patch is applied.