This week, Google released an update for Chrome 114 that fixes four security flaws, including three critical ones discovered by outside researchers. The internet behemoth claims to have awarded the reporting researchers with bug bounty awards of $35,000 in total.
The GitHub Security Lab researcher Man Yue Mo received the highest reward for his discovery of a type confusion flaw in Chrome’s V8 JavaScript rendering engine. The vulnerability, identified as CVE-2023-3420, received a $20,000 bug prize. The following vulnerability is CVE-2023-3421, a use-after-free flaw in Media. Piotr Bania, a researcher at Cisco Talos, received a $10,000 bug bounty for discovering this security flaw.