Common Gateway - Security Fixes

The following security fixes apply to both Classic Gateway and NextGen Gateway.

Known Vulnerability in Google Chrome Package

We have identified high-severity vulnerabilities in the Google Chrome package, including a weakness that could allow a remote attacker to read sensitive browser memory if you visit a malicious website. There are also integer overflow issues in the V8 engine that may cause browser crashes, and in rare cases, could be chained with other exploits for greater impact. As per Google’s standard security policy, technical details for these vulnerabilities are restricted.

We recommend the following workaround depending on your Gateway type. This vulnerability has been addressed in patch version 20.0.1.

  • If you are planning to upgrade to version 20.0.1, no action is required. The patch will automatically update the chrome package.
  • If you are not upgrading to 20.0.1, you must manually update the chrome and edge package using one of the following methods: