- [28804] [31880] High Race conditions and pointer errors in the sandbox infrastructure.Credit to Mark Dowd, under contract to Google Chrome Security Team.
- [30801] [33445] Low Delete persisted metadata such as Web Databases and STS.Credit to Google Chrome Security Team (Chris Evans) and RSnake of ha.ckers.org.
- [33572] Medium HTTP headers processed before SafeBrowsing check.Credit to Mike Dougherty of dotSyntax, LLC.
- [$500] [34978] High Memory error with malformed SVG.Credit to wushi of team509.
- [$1337] [35724] High Integer overflows in WebKit JavaScript objects.Credit to Sergey Glazunov.
- [36772] Medium HTTP basic auth dialog URL truncation.Credit to Google Chrome Security Team (Inferno).
- [37007] Medium Bypass of download warning dialog.Credit to kuzzcc.
- [$1000] [37383] High Cross-origin bypass.Credit to kuzzcc.
- [$500] [Affected BETA only] [37061] High Memory error with empty SVG element.Credit to Aki Helin of OUSPG.
|