Mark Amery

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 95.0.4638.69 **Description** The issue is related to insufficient policy enforcement in the Autofill feature of Google Chrome, allowing a remote attacker to leak cross-origin data via a crafted HTML page. This could enable unauthorized access to protected information. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For versions prior to 95.0.4638.69, update to version 95.0.4638.69 or later to resolve the issue. As a temporary workaround, consider disabling the Autofill feature until a patch is available. Restrict access to sensitive information when using Google Chrome until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 80.0.3987.87 **Description** The issue is related to insufficient policy enforcement in the Blink component of Google Chrome, which can be exploited by a remote attacker to leak cross-origin data. This can be achieved via a crafted HTML page, allowing the attacker to access confidential data. **Recommendations** For versions prior to 80.0.3987.87, update to version 80.0.3987.87 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 79.0.3945.79 **Description** The issue is related to insufficient policy enforcement in autocomplete, allowing a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. This could lead to the disclosure of protected information. **Recommendations** For versions prior to 79.0.3945.79, update to version 79.0.3945.79 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 75.0.3770.142 **Description** The issue concerns incorrect font handling in autofill, allowing a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. This could also lead to unauthorized access to protected information or cause a denial of service with a specially formed web page. **Recommendations** For versions prior to 75.0.3770.142, update to version 75.0.3770.142 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 74.0.3729.108 **Description** The issue is related to an error in the autofill feature, allowing information to be retrieved from the process memory. A remote attacker can exploit this to gain access to confidential data through a specially crafted HTML page. **Recommendations** For versions prior to 74.0.3729.108, update to version 74.0.3729.108 or later to resolve the issue. As a temporary workaround, consider disabling the autofill feature until a patch is available. Restrict access to sensitive information when using affected versions of Google Chrome to minimize the risk of exploitation.