M. Fauzan Wijaya

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 149.0.7827.53 **Description** An out of bounds write occurs in Skia, a graphics library, which allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a specially crafted HTML page. **Recommendations** Update to version 149.0.7827.53 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 149.0.7827.53 **Description** A heap buffer overflow in Skia allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. A heap buffer overflow occurs when a program writes more data to a buffer allocated on the heap than it can hold, potentially corrupting adjacent memory. **Recommendations** Update to version 149.0.7827.53 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 145.0.7632.116 **Description** A flaw exists in Google Chrome's DevTools due to an inappropriate implementation. An attacker could potentially convince a user to install a malicious extension. This would allow the attacker to inject scripts or HTML into a privileged page through DevTools. **Recommendations** Update Google Chrome to version 145.0.7632.116 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 146.0.7680.153 **Description** A heap buffer overflow exists in ANGLE, a low-level graphics library used by Google Chrome. This issue could allow a remote attacker to exploit heap corruption through a specially crafted HTML page. The Chromium security severity is rated as High. **Recommendations** Update Google Chrome to version 146.0.7680.153 or later.