{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Prisma Browser: Monthly Vulnerability Updates"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: PAN-SA-2024-0009","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-03-11T22:38:37.354Z","generator":{"date":"2026-03-11T22:38:37.354Z","engine":{"name":"vulnogram","version":"0.1.0-rc1"}},"id":"PAN-SA-2024-0009","initial_release_date":"2024-09-11T16:00:00.000Z","revision_history":[{"number":"1","date":"2024-09-11T09:00:00.000Z","summary":"Initial publication"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"Prisma Browser","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/Prisma Browser<128.91.2869.7","product":{"name":"Palo Alto Networks Prisma Browser","product_id":"PANW-Prisma-Access-Browser-24"}},{"category":"product_version_range","name":"vers:generic/Prisma Browser>=128.138.2888.2","product":{"name":"Palo Alto Networks Prisma Browser","product_id":"PANW-Prisma-Access-Browser-25"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2024-7964","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Use after free in Passwords."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7964","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7964"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Use after free in Passwords."}]},{"cve":"CVE-2024-7965","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in V8."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7965","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7965"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in V8."}]},{"cve":"CVE-2024-7966","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Out of bounds memory access in Skia."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7966","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7966"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Out of bounds memory access in Skia."}]},{"cve":"CVE-2024-7967","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Heap buffer overflow in Fonts."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7967","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7967"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Heap buffer overflow in Fonts."}]},{"cve":"CVE-2024-7968","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Use after free in Autofill."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7968","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7968"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Use after free in Autofill."}]},{"cve":"CVE-2024-7971","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Type confusion in V8."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7971","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7971"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Type confusion in V8."}]},{"cve":"CVE-2024-7972","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in V8."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7972","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7972"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in V8."}]},{"cve":"CVE-2024-7973","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Heap buffer overflow in PDFium."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7973","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7973"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Heap buffer overflow in PDFium."}]},{"cve":"CVE-2024-7974","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient data validation in V8 API."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7974","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7974"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient data validation in V8 API."}]},{"cve":"CVE-2024-7975","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in Permissions."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7975","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7975"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in Permissions."}]},{"cve":"CVE-2024-7976","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in FedCM."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7976","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7976"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in FedCM."}]},{"cve":"CVE-2024-7977","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient data validation in Installer."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7977","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7977"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient data validation in Installer."}]},{"cve":"CVE-2024-7978","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient policy enforcement in Data Transfer."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7978","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7978"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient policy enforcement in Data Transfer."}]},{"cve":"CVE-2024-7979","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient data validation in Installer."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7979","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7979"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient data validation in Installer."}]},{"cve":"CVE-2024-7980","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient data validation in Installer."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7980","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7980"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Insufficient data validation in Installer."}]},{"cve":"CVE-2024-7981","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in Views."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7981","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7981"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in Views."}]},{"cve":"CVE-2024-8033","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in WebApp Installs."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8033","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8033"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in WebApp Installs."}]},{"cve":"CVE-2024-8034","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in Custom Tabs."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8034","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8034"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in Custom Tabs."}]},{"cve":"CVE-2024-8035","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in Extensions."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8035","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8035"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.91.2869.7 - Chromium: Inappropriate implementation in Extensions."}]},{"cve":"CVE-2024-7969","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.114.2877.3 - Chromium: Type Confusion in V8."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7969","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7969"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.114.2877.3 - Chromium: Type Confusion in V8."}]},{"cve":"CVE-2024-8193","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.114.2877.3 - Chromium: Heap buffer overflow in Skia."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8193","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8193"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.114.2877.3 - Chromium: Heap buffer overflow in Skia."}]},{"cve":"CVE-2024-8194","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.114.2877.3 - Chromium: Type Confusion in V8."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8194","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8194"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.114.2877.3 - Chromium: Type Confusion in V8."}]},{"cve":"CVE-2024-8198","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.114.2877.3 - Chromium: Heap buffer overflow in Skia."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8198","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8198"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.114.2877.3 - Chromium: Heap buffer overflow in Skia."}]},{"cve":"CVE-2024-8362","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.120.2884.4 - Chromium: Use after free in WebAudio."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8362","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8362"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.120.2884.4 - Chromium: Use after free in WebAudio."}]},{"cve":"CVE-2024-7970","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.120.2884.4 - Chromium: Out of bounds write in V8."}],"references":[{"category":"external","summary":"NVD - CVE-2024-7970","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7970"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.120.2884.4 - Chromium: Out of bounds write in V8."}]},{"cve":"CVE-2024-8636","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.138.2888.2 - Chromium: Heap buffer overflow in Skia."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8636","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8636"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.138.2888.2 - Chromium: Heap buffer overflow in Skia."}]},{"cve":"CVE-2024-8637","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.138.2888.2 - Chromium: Use after free in Media Router."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8637","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8637"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.138.2888.2 - Chromium: Use after free in Media Router."}]},{"cve":"CVE-2024-8638","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.138.2888.2 - Chromium: Type Confusion in V8."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8638","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8638"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.138.2888.2 - Chromium: Type Confusion in V8."}]},{"cve":"CVE-2024-8639","product_status":{"fixed":["PANW-Prisma-Access-Browser-25"],"known_affected":["PANW-Prisma-Access-Browser-24"]},"notes":[{"category":"description","text":"Fixed in Prisma Browser 128.138.2888.2 - Chromium: Use after free in Autofill."}],"references":[{"category":"external","summary":"NVD - CVE-2024-8639","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8639"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0009","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0009"}],"threats":[{"category":"impact","description":"Fixed in Prisma Browser 128.138.2888.2 - Chromium: Use after free in Autofill."}]}]}