Seong-Hwan Park

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 92.0.4515.159 **Description** The issue is related to a use after free in the ANGLE library of Google Chrome, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could potentially lead to arbitrary code execution. **Recommendations** For versions prior to 92.0.4515.159, update to version 92.0.4515.159 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 91.0.4472.164 **Description** The issue is related to an out of bounds write in the ANGLE library of Google Chrome, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could lead to a denial of service. **Recommendations** For Google Chrome versions prior to 91.0.4472.164, update to version 91.0.4472.164 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious HTML pages until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 91.0.4472.101 Mozilla Thunderbird (affected versions not specified) **Description** The issue is related to an out of bounds write, which can potentially allow a remote attacker to perform out of bounds memory access. This can be achieved via a crafted HTML page. The estimated number of potentially affected devices and details about real-world incidents are not provided. **Recommendations** For Google Chrome versions prior to 91.0.4472.101, update to version 91.0.4472.101 or later to resolve the issue. For Mozilla Thunderbird, at the moment, there is no information about a newer version that contains a fix for this vulnerability.