High CVE-2023-2936: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on High CVE-2023-2935: Type Confusion in V8. Reported by Mark Brand of Google Project Zero on High CVE-2023-2934: Out of bounds memory access in Mojo. Reported by Quang Nguyễn of Viettel Cyber Security and Nguyen Phuong on High CVE-2023-2933: Use after free in PDF. Reported by Huyna at Viettel Cyber Security on High CVE-2023-2932: Use after free in PDF. High CVE-2023-2931: Use after free in PDF. Discovered by a member of Apple Security Engineering and Architecture (SEAR) and reported by sisu from CTF team HXP on High CVE-2023-3598: Out of bounds read and write in ANGLE. High CVE-2023-2930: Use after free in Extensions. High CVE-2023-2929: Out of bounds write in Swiftshader. Please see the Chrome Security Page for more information. Below, we highlight fixes that were contributed by external researchers. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix.
