Peter Nemeth

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 107.0.5304.106 **Description** The issue is related to a use after free vulnerability in the WebCodeds component of Google Chrome, which can lead to heap corruption. This can potentially allow a remote attacker to execute arbitrary code via a crafted HTML page. **Recommendations** For versions prior to 107.0.5304.106, update to version 107.0.5304.106 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious HTML pages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 108.0.5359.71 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in Fenced Frames, allowing a remote attacker to bypass fenced frame restrictions via a crafted HTML page. This could potentially impact data integrity. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For Google Chrome versions prior to 108.0.5359.71, update to version 108.0.5359.71 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.