Nine of the externally reported security holes are rated high severity, the majority of which are use-after-free bugs affecting components such as Cast UI, Omnibox, Views, WebShare, and Media.
Google says it has paid out a total of $33,000 in bug bounties for these five vulnerabilities, including $7,000 for each of the first four issues and $5,000 for the fifth.
A higher bug bounty reward – of $10,000 – was handed out for a heap-buffer overflow issue in ANGLE (CVE-2022-0789).