Disclosed Chromium Security Bugs

OOB read in JsonStringifier::SerializeString

#398999390Reporter: ze...@gmail.com
$2,000
6/5/2025

Vulnerability: Upgrade @babel/traverse to 7.23.2 in GoB repo chromium/infra/infra/go/src/infra

#398735336Reporter: au...@google.com
$0
6/5/2025

CHECK failure: !is_on_heap() in heap-refs.cc

#399173688Reporter: 24...@project.gserviceaccount.com
$0
6/5/2025

Vulnerability: Upgrade deep-extend to 0.5.1 in GoB repo chromium/infra/infra/go/src/infra

#398734447Reporter: au...@google.com
$0
6/5/2025

Vulnerability: Upgrade immer to 9.0.6 in GoB repo chromium/infra/infra/go/src/infra

#398735550Reporter: au...@google.com
$0
6/5/2025

Always used bounded ranges (i.e., string_view) for strings parsed from the histogram shared memory region.

#393394360Reporter: ro...@google.com
$0
6/5/2025

V8 Maglev improper folded allocation handling (leading to memory safety issues)

#398065918Reporter: rz...@excello.cz
$7,000
6/4/2025

DCHECK failure in Tagged v8::internal::Cast(Tagged, const v8::SourceLocation &) [To = v8

#398067539Reporter: 24...@project.gserviceaccount.com
$0
6/4/2025

CHECK failure: isolate == Isolate::TryGetCurrent()

#398401921Reporter: 24...@project.gserviceaccount.com
$0
6/4/2025

Security: Fatal error in src/compiler/turbofan-typer.cc, line 451

#398431403Reporter: da...@gmail.com
$7,000
6/4/2025
Showing 1891-1900 of 10189 bugs
1...189190191...1019