Tavis

**Name of the Vulnerable Software and Affected Versions** GNOME gnome-shell plugin version 3.4.1 **Description** The issue allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page. **Recommendations** For version 3.4.1, consider disabling the extension installation feature from extensions.gnome.org until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 9.0.597.107 **Description** The issue is related to improper restriction of access to internal extension functions in Google Chrome, allowing for remote attack vectors. The impact of this issue is not specified. **Recommendations** For versions prior to 9.0.597.107, update to version 9.0.597.107 or later to resolve the issue.