François Lajeunesse-Robert

**Name of the Vulnerable Software and Affected Versions** Google Closure Library versions up to and including v20200224 **Description** A URL parsing issue in goog.uri of the Google Closure Library allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority. **Recommendations** For Google Closure Library versions up to and including v20200224, update your library to version v20200315.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 67.0.3396.62 **Description** The issue is related to insufficient policy enforcement in the Extensions API, allowing an attacker to bypass navigation restrictions. This can be achieved by convincing a user to install a malicious extension, which can then be used to exploit the weakness. The vulnerability exists due to inadequate input validation, enabling a remote attacker to circumvent navigation limitations using a specially crafted Chrome Extension. **Recommendations** For versions prior to 67.0.3396.62, update to version 67.0.3396.62 or later to resolve the issue. As a temporary workaround, consider restricting the installation of extensions to trusted sources and avoiding the use of unverified extensions.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 59 **Description** The issue is related to the "app.support.baseURL" preference, which can be modified by a malicious local program to include HTML and script content. This content is not sanitized and will be executed under certain conditions, such as when a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and performs a search. Additionally, the stored preference is executed when an EME video player plugin displays a CDM-disabled message as a notification. This could potentially allow a remote attacker to gain unauthorized access to protected information. **Recommendations** For versions prior to 59, update to version 59 or later to resolve the issue. As a temporary workaround, consider restricting access to the "app.support.baseURL" preference to minimize the risk of exploitation. Avoid loading "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executing searches until the issue is resolved.