Google’s Chrome 92 update, which was published this week, fixes ten vulnerabilities, including three highseverity problems that resulted in tens of thousands of dollars in bug rewards for researchers.
CVE202130590 is a sandbox escape flaw that can be “exploited in conjunction with an extension or a corrupted renderer,” according to the researchers. The weakness can be used by an attacker to get remote code execution outside of Chrome’s sandbox.