Youssef Sammouda

#11158of 53,633
24.7Total CVSS
Vulnerabilities · 3
High
3
PT-2022-1600
8.8
2022-02-01
Google · Google Chrome · CVE-2022-0462
**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 98.0.4758.80 **Description** The issue is related to an inappropriate implementation in the Scroll component of Google Chrome, which allowed a remote attacker to leak cross-origin data via a crafted HTML page. This is due to a security check being incorrectly implemented for standard elements, potentially allowing a remote attacker to access confidential information or cause a denial of service. **Recommendations** For versions prior to 98.0.4758.80, update to version 98.0.4758.80 or later to resolve the issue.
PT-2022-6785
7.8
2022-01-04
Google · Google Chrome · CVE-2022-4925
**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 97.0.4692.71 **Description** The issue is related to insufficient validation of untrusted input in the QUIC protocol implementation in Google Chrome. This can be exploited by a remote attacker to perform header splitting via malicious network traffic, potentially affecting the integrity of protected information. **Recommendations** For versions prior to 97.0.4692.71, update to version 97.0.4692.71 or later to resolve the issue. As a temporary workaround, consider restricting the use of the QUIC protocol until a patch is applied.
PT-2021-5250
8.1
2021-08-16
Mozilla · Thunderbird · CVE-2021-29991
**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 91.0.1 Thunderbird versions prior to 91.0.1 **Description** The issue is related to the incorrect handling of HTTP requests, which can lead to a header splitting attack against servers using HTTP/3. This allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability affects Firefox and Thunderbird, and it is related to the incorrect interpretation of a newline in an HTTP/3 header as two separate headers. **Recommendations** For Firefox versions prior to 91.0.1, update to version 91.0.1 or later to resolve the issue. For Thunderbird versions prior to 91.0.1, update to version 91.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to servers using HTTP/3 to minimize the risk of exploitation.