"Google is aware that an exploit for CVE-2023-6345 exists in the wild," the internet giant notes in its advisory, without providing specific details on the observed exploitation.
The latest Chrome update patches five other high-severity vulnerabilities, including three use-after-free issues in Mojo, WebAudio, and libavif, a type confusion bug in Spellcheck, and an out-of-bounds memory access flaw in libavif.
Google says it has handed out $55,000 in bounty rewards to the reporting researchers, with the highest payout ($31,000) going to Leecraso and Guang Gong of 360 Vulnerability Research Institute, for the vulnerability in Mojo (CVE-2023-6347).
[
add
]
[
|
|
...
]