Disclosed Chromium Security Bugs

CHECK failure: external_backing_store_bytes[t] == ExternalBackingStoreBytes(t) in large-spaces.

#40059771Reporter: cl...@chromium.org
$0
9/7/2022

Security: Heap use-after-free when bind/unbind TransformFeedback after deleting buffer

#40059796Reporter: gg...@gmail.com
$12,000
9/7/2022

Use-of-uninitialized-value in v8::internal::Runtime_NotifyDeoptimized

#40059797Reporter: cl...@chromium.org
$0
9/7/2022

CHECK failure: kind == DeoptimizeKind::kLazy

#40059799Reporter: cl...@chromium.org
$0
9/7/2022

DCHECK failure in !done() in bytecode-array-iterator.h

#40059801Reporter: cl...@chromium.org
$0
9/7/2022

Index-out-of-bounds in v8::internal::interpreter::Bytecodes::Size

#40059802Reporter: cl...@chromium.org
$0
9/7/2022

dawn_wire_server_and_frontend_fuzzer: Use-of-uninitialized-value in dawn::native::vulkan::GatherGlobalInfo

#40059803Reporter: cl...@chromium.org
$0
9/7/2022

CHECK failure: kind == DeoptimizeKind::kLazy in deoptimizer.cc

#40059806Reporter: cl...@chromium.org
$0
9/7/2022

Crash in Builtins_AsyncFromSyncIteratorPrototypeThrow

#40059807Reporter: cl...@chromium.org
$0
9/7/2022

Crash in v8::internal::DeoptAllOsrLoopsContainingDeoptExit

#40059811Reporter: cl...@chromium.org
$0
9/7/2022
Showing 5471-5480 of 10875 bugs
1...547548549...1088