Nedwilliamson

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 66.0.3359.139 **Description** The issue is related to a double-eviction in the Incognito mode cache, leading to a user-after-free in the cache. This allows a remote attacker who has compromised the renderer process to execute arbitrary code via a crafted HTML page. The vulnerability is associated with the Media Cache component and involves the use of memory after it has been freed, which can be exploited by a remote attacker to execute arbitrary code using a specially crafted HTML page. **Recommendations** For versions prior to 66.0.3359.139, update to version 66.0.3359.139 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 60.0.3112.78 Opera versions prior to 60.0.3112.78 **Description** A use after free in IndexedDB allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, potentially impacting the confidentiality, integrity, and availability of data. **Recommendations** For Google Chrome versions prior to 60.0.3112.78, update to version 60.0.3112.78 or later. For Opera versions prior to 60.0.3112.78, update to version 60.0.3112.78 or later.