Last week, Google released a patch for Chrome 111 that addresses eight vulnerabilities, including seven that were discovered by outside researchers. The most significant of these flaws is CVE-2023-1528, a use-after-free weakness in Chrome’s Passwords component, according to the bug bounty payment awarded.
Four of the seven flaws that were reported from the outside are use-after-free vulnerabilities, which are high-severity memory safety bugs that could result in arbitrary code execution, data corruption, or denial of service.