Google has rated this security risk as high, because a hacker could run malicious code within the Chrome browser.
The second flaw affects XML. Pages using XML can cause a Google Chrome tab process to crash. A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected, said Jonathan Conradt, engineering program manager at Google.
Chris Evans of Google's security team said neither of the flaws have been rated as critical because Google Chrome uses a sandbox which prevents arbitrary code from directly running on a user's PC.