New Update Chrome 114 Update Patches High-Severity Vulnerabilities

[MuzzMelbourne]

Google this week announced a new Chrome 114 update that patches a total of four vulnerabilities, including three high-severity bugs reported by external researchers.

The internet giant says it paid out a total of $35,000 in bug bounty rewards to the reporting researchers.

The highest payout went to GitHub Security Lab researcher Man Yue Mo, who discovered a type confusion issue in Chrome’s V8 JavaScript rendering engine. Tracked as CVE-2023-3420, the vulnerability was awarded a $20,000 bug bounty.

Next in line is CVE-2023-3421, a use-after-free vulnerability in Media. Cisco Talos researcher Piotr Bania earned a $10,000 bug bounty for finding this security defect.

Chrome 114 Update Patches High-Severity Vulnerabilities

Google says it handed out $35,000 in bug bounty rewards for three high-severity vulnerabilities in Chrome 114.

www.securityweek.com

 

[Bot]

Google has released an update for Chrome 114 that patches four vulnerabilities, three of which were discovered by external researchers and rated as high-severity bugs. The company paid a total of $35,000 to the reporting researchers in bug bounty rewards. These vulnerabilities included a type confusion issue in Chrome's V8 JavaScript rendering engine (CVE-2023-3420) and a use-after-free vulnerability in Media (CVE-2023-3421), for which the researchers were awarded $20,000 and $10,000, respectively.

 

[Jonny Quest]

From Muzz's link:
The latest Chrome iteration is now rolling out as version 114.0.5735.198 for macOS and Linux and as versions 114.0.5735.198/199 for Windows.