Google has released a Chrome update that addresses four security flaws, two of which are already being exploited in the wild.
CVE-2021-37976, a medium-severity information leak issue in the core, and CVE-2021-37975, a high-severity use-after-free bug in the V8 engine are among the exploited vulnerabilities.
“Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild,” Google says.
According to search giant, the reporting researcher, Weipeng Jiang of the Codesafe Team of Legendsec at Qi’anxin Group, received a US$20,000 bug bounty prize for disclosing this vulnerability.
To Read More: Securityweek
For more such updates follow us on Google News ITsecuritywire News.