Chrome 106 Update Patches Several High-Severity Vulnerabilities


All the newly resolved vulnerabilities were discovered by external researchers and the internet giant has handed out $38,000 in bug bounty rewards to the reporters.

Based on the bug bounty amounts that Google has paid out, the most severe of the newly addressed flaws is CVE-2022-3445, a use-after-free vulnerability in Skia, the open-source 2D graphics library that serves as Chrome’s graphics engine.

Google says in its advisory that it has paid a $15,000 bug bounty reward to Nan Wang and Yong Liu of Qihoo 360 for reporting the issue last month.