Mufeed Vh

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 149.0.7827.53 **Description** A type confusion issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Type confusion occurs when a program accesses a resource using a type that is different from the type it was originally allocated with. **Recommendations** Update to version 149.0.7827.53 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 149.0.7827.53 **Description** An uninitialized use in ANGLE (Almost Native Graphics Layer Engine, an open-source graphics abstraction layer) allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. **Recommendations** Update to version 149.0.7827.53 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 148.0.7778.216 **Description** An integer overflow in ANGLE allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. **Recommendations** Update to version 148.0.7778.216 or later.

**Name of the Vulnerable Software and Affected Versions** NGINX Plus (affected versions not specified) NGINX Open Source (affected versions not specified) **Description** The `ngx stream ssl module` module contains an issue with the improper handling of revoked certificates. When configured with the `ssl verify client` on and `ssl ocsp` on directives, the TLS handshake may succeed even if an Online Certificate Status Protocol (OCSP) check identifies the certificate as revoked. This flaw in the authorization procedure could allow a remote attacker to bypass security restrictions and gain unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.