Chrome 122, Firefox 123 Patch High-Severity Vulnerabilities
21-Feb-24
Chrome 122 was released in the stable channel with patches for 12 security defects, including eight that were reported by external researchers.
Two of these are high-severity flaws, the most severe of them, based on the paid bug bounty reward, being an out-of-bounds memory access bug in Blink. Google says it handed out a $7,000 reward to the reporting researcher.
The other externally reported high-severity security hole resolved with the latest Chrome update is a use-after-free flaw in Mojo, for which Google handed out a $5,000 bug bounty.
Chrome 122 also resolves five medium-severity vulnerabilities, including inappropriate implementations in Site Isolation, Content Security Policy, and Navigation, a use-after-free in Accessibility, and an insufficient policy enforcement in Download.
