PT-2024-2545 · Microsoft +6 · Edge +6

Manfred Paul · Published 2024-03-26 · Updated 2025-07-17 · CVE-2024-2887

CVSS v2.0: 10 (Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

**Name of the Vulnerable Software and Affected Versions:**

Google Chrome versions prior to 123.0.6312.86

Microsoft Edge (Chromium-based) versions prior to 123.0.6312.86

Chromium versions prior to 123.0.6312.86

nodejs-electron version 28.2.10-1.1

chromedriver version 124.0.6367.201-1.1

chromium-gost version 125.0.6422.112-alt0.c10.1

yandex-browser-certified (affected versions not specified)

MosOS (affected versions not specified)

OpenSUSE (affected versions not specified)

**Description:**

A type confusion vulnerability exists in the WebAssembly (WASM) module decoder in Google Chrome and Microsoft Edge (Chromium-based). The flaw involves accessing a resource through incompatible types within the WASM module. A remote attacker can exploit it with a crafted HTML page to execute arbitrary code.

**Recommendations:**

Google Chrome versions prior to 123.0.6312.86: Upgrade to version 123.0.6312.86 or later.

Microsoft Edge (Chromium-based) versions prior to 123.0.6312.86: Upgrade to version 123.0.6312.86 or later.

Chromium versions prior to 123.0.6312.86: Upgrade to version 123.0.6312.86 or later.

nodejs-electron version 28.2.10-1.1: Upgrade to a newer version.

chromedriver version 124.0.6367.201-1.1: Upgrade to a newer version.

chromium-gost version 125.0.6422.112-alt0.c10.1: Upgrade to a newer version.

yandex-browser-certified: Upgrade to a newer version.

MosOS: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OpenSUSE: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Type Confusion

Weakness Enumeration

Related Identifiers

ALT-PU-2024-10294
ALT-PU-2024-14286
ALT-PU-2024-14830
BDU:2024-02532
CVE-2024-2887
DSA-5648-1
OPENSUSE-SU-2024:0122-1
OPENSUSE-SU-2024:13846-1
OPENSUSE-SU-2024:13953-1
OPENSUSE-SU-2024_0122-1
ZDI-24-366

Affected Products

Alt Linux
Astra Linux
Debian
Google Chrome
Edge
Red Os
Suse