Categories
Audio Posts and Shared Links Audio Sources - Full Text Articles

Google Chrome 109 update addresses six security vulnerabilities

Listen to this article

google-chrome-bounty-program.jpg?fit=780

Google addressed six security vulnerabilities in its web browser Chrome, none of them actively exploited in the wild.

Google released Chrome version 109.0.5414.119 for Mac and Linux and 109.0.5414.119/.120 for Windows to address a total of six vulnerabilities.

Four of the addressed flaws were reported by external researchers that were awarded for more than $26,500 for their findings. Below are the flaws reported by the researchers:

  • [$16000][1376354] High CVE-2023-0471: Use after free in WebTransport. Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564) on 2022-10-19
  • [$3000][1405256] High CVE-2023-0472: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-01-06
  • [$7500][1404639] Medium CVE-2023-0473: Type Confusion in ServiceWorker API. Reported by raven at KunLun lab on 2023-01-03
  • [$TBD][1400841] Medium CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L on 2022-12-14

The good news is that Google is not aware of attacks in the wild exploiting one of these vulnerabilities.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Chrome)

[adrotate banner=”5″]

[adrotate banner=”13″]

The post Google Chrome 109 update addresses six security vulnerabilities appeared first on Security Affairs.

WP Radio
WP Radio
OFFLINE LIVE