## Security

### Thorium Security Policy

 - If it is a vulnerability in Chromium, please report it upstream [Here](https://bugs.chromium.org/p/chromium/issues/entry).
 - If it is a vulnerability in Thorium, file an issue on GitHub. However, if it is major and/or a zero day, please email me instead at Alex313031@gmail.com

### List of major vulnerabilities fixed in Thorium

 – libwebp WebP bug [CVE-2023-4863](https://nvd.nist.gov/vuln/detail/CVE-2023-4863) - Fixed in M117

 – libvpx VP8 bug [CVE-2023-5217](https://nvd.nist.gov/vuln/detail/CVE-2023-5217) - Fixed in M117

 – USB data validation bug [CVE-2023-5482](https://github.com/advisories/GHSA-7cjp-92p9-vr97) - Fixed in M120

 – USB integer overflow bug [CVE-2023-5849](https://github.com/advisories/GHSA-pq78-6h8h-rcf4) - Fixed in M120

 – Use after free bug [CVE-2024-4671](https://nvd.nist.gov/vuln/detail/CVE-2024-4671) - Fixed in M124