Google · Skia · CVE-2024-8636
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 128.0.6613.137
Microsoft Edge (affected versions not specified)
**Description**
A heap buffer overflow exists in the Skia library used by Google Chrome and Microsoft Edge, caused by a boundary error when processing untrusted HTML content. A remote attacker can potentially exploit heap corruption via a crafted HTML page, which may lead to remote code execution. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents in which this issue was exploited.
**Recommendations**
For Google Chrome versions prior to 128.0.6613.137, update to version 128.0.6613.137 or later to resolve the issue.
For Microsoft Edge, there is currently no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the Skia library until a patch is available. Avoid using the Skia component in Google Chrome until the issue is resolved.