image credit: Pixabay

Google Patches More High-Value Chrome Sandbox Escape Vulnerabilities

October 25, 2019


Google has patched three more serious Chrome vulnerabilities that can be exploited to escape the web browser’s sandbox, and awarded the researcher who reported them a total of $50,000.

A Chrome 77 update released by Google in September patched two sandbox escape vulnerabilities reported to the company by Man Yue Mo of the Semmle Security Research Team. It’s worth noting that Semmle was recently acquired by GitHub for its code analysis platform.

The two flaws, caused by use-after-free bugs in the media component, were valued by Google at $20,000 each.

Read More on Security Week