Search giant Google has released a new version of its popular internet browser. Chrome 107 removes a total of 14 vulnerabilities, three of which are high-risk. The company became aware of these security issues thanks to external researchers who rewarded each of them with money. According to the statement, three of the patched vulnerabilities were given a high risk rating, six a medium risk, and one a lowest risk rating. In order to exploit these vulnerabilities, it is necessary to trick the user into opening a specially crafted web page. After this stage, it becomes possible to execute code or a DoS attack on the system.
What are the three dangerous deficits about?
The most dangerous vulnerability has been assigned the ID CVE-2022-3652. It is stated to be related to Type Confusion in V8 JavaScript and WebAssembly engine. Google gave a $20,000 reward to the security expert who reported the vulnerability to them. The next vulnerability of importance has the ID CVE-2022-3653. It opens up the possibility of buffer overflow in the Vulkan engine. The researcher who discovered it received $17,000. The last dangerous exploit, CVE-2022-3654, exploits dynamic memory misuse. Google has yet to decide on the amount of money to be paid for this deficit.