MGASA-2025-0291

CVE-2024-27838 A maliciously crafted webpage may be able to fingerprint the user. Description: The issue was addressed by adding additional logic. CVE-2024-27851 Processing maliciously crafted web content may lead to arbitrary code execution. Description: The issue was addressed with improved bounds checks. CVE-2024-40776 Processing maliciously crafted web content may lead to an unexpected process crash. Description: A use-after-free issue was addressed with improved memory management. CVE-2024-40779 / CVE-2024-40780 Processing maliciously crafted web content may lead to an unexpected process crash. Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2024-40782 Processing maliciously crafted web content may lead to an unexpected process crash. Description: A use-after-free issue was addressed with improved memory management. CVE-2024-40789 Processing maliciously crafted web content may lead to an unexpected process crash. Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-4558 Processing maliciously crafted web content may lead to an unexpected process crash. Description: Use after free in ANGLE allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.