CVE-2024-8909: Chromium: CVE-2024-8909 Inappropriate implementation in UI

CVE-2024-8908: Chromium: CVE-2024-8908 Inappropriate implementation in Autofill

CVE-2024-8907: Chromium: CVE-2024-8907 Insufficient data validation in Omnibox

CVE-2024-8906: Chromium: CVE-2024-8906 Incorrect security UI in Downloads

CVE-2024-8905: Chromium: CVE-2024-8905 Inappropriate implementation in V8

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?**

Exploitation of this vulnerability requires that an attacker convinces a user to open a maliciously crafted package file in Visual Studio.

Headline

CVE-2023-36792: Visual Studio Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News