The most severe of these security defects could be exploited to execute arbitrary code with the same privileges as the Chrome browser has on the target system.

Of the 19 flaws, eight carry a severity rating of high, 10 are considered medium severity, and one low risk. More than half of the externally reported vulnerabilities addressed in this release are use-after-free bugs.

The most important of these issues are CVE-2022-0452 and CVE-2022-0453, two use-after-free bugs in safe browsing and reader mode. The reporting researchers were awarded $20,000 rewards each, Google says in its advisory.