Google on Wednesday announced a Chrome 115 update that patches 17 vulnerabilities, including 11 flaws reported by external researchers.
The browser update resolves three high-severity type confusion bugs in the V8 JavaScript and WebAssembly engine that earned the reporting researchers over $60,000 in bug bounties, Google notes in its
advisory.
The internet giant says it handed out $43,000 in rewards to a security researcher named ‘Jerry’, who reported two of these V8 issues, tracked as CVE-2023-4068 and CVE-2023-4070.
A $21,000 bug bounty was awarded to Man Yue Mo of GitHub Security Lab, for reporting the third type confusion bug, tracked as CVE-2023-4069.
The latest Chrome update resolves six other high-severity vulnerabilities. Based on the paid bug bounties, the most severe of these is CVE-2023-4071, a heap buffer overflow bug in Visuals.