- Feb 7, 2014
- 1,540
Google on Wednesday patched 21 security vulnerabilities in Chrome, including a half dozen rated high severity that were reported by external researchers and were eligible for a bounty.
Bug hunters earned a total of $30,000 in bounties, with a top payout of $7,500 to an unnamed researcher for a universal cross-site scripting flaw found in Blink, the Chrome browser engine.
The Chrome 54 update (54.0.2840.59) applies to the Windows, Mac, and Linux versions of the browser. Google said in its security bulletin the updates will roll out over the next days and weeks to Chrome browsers.
Google hasn’t revealed many details on the vulnerabilities discovered. The universal XSS bug (CVE-2016-5181) in Blink was one of several vulnerabilities that impacted the browser engine. A second heap overflow bug (CVE-2016-5182) in Blink was reported by a researcher Giwan Go of Korean security company Stealien.
You can read the rest here: Google Plugs 21 Security Holes in Chrome
Bug hunters earned a total of $30,000 in bounties, with a top payout of $7,500 to an unnamed researcher for a universal cross-site scripting flaw found in Blink, the Chrome browser engine.
The Chrome 54 update (54.0.2840.59) applies to the Windows, Mac, and Linux versions of the browser. Google said in its security bulletin the updates will roll out over the next days and weeks to Chrome browsers.
Google hasn’t revealed many details on the vulnerabilities discovered. The universal XSS bug (CVE-2016-5181) in Blink was one of several vulnerabilities that impacted the browser engine. A second heap overflow bug (CVE-2016-5182) in Blink was reported by a researcher Giwan Go of Korean security company Stealien.
You can read the rest here: Google Plugs 21 Security Holes in Chrome
