cvelistv5 - cve-2025-12036

CVE-2025-12036 (GCVE-0-2025-12036)

Vulnerability from cvelistv5

Published

2025-11-06 22:24

Modified

2025-11-08 04:55

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Inappropriate implementation

Summary

Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

References

URL

Tags

	chrome-cve-admin@google.com	https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html
	chrome-cve-admin@google.com	https://issues.chromium.org/issues/452296415

Impacted products

	Vendor	Product	Version
	Google	Chrome	Version: 141.0.7390.122 < 141.0.7390.122

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-12036",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-27T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-08T04:55:14.335Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "141.0.7390.122",
              "status": "affected",
              "version": "141.0.7390.122",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Inappropriate implementation",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-06T22:24:32.370Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html"
        },
        {
          "url": "https://issues.chromium.org/issues/452296415"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2025-12036",
    "datePublished": "2025-11-06T22:24:32.370Z",
    "dateReserved": "2025-10-21T17:39:12.861Z",
    "dateUpdated": "2025-11-08T04:55:14.335Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-12036\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2025-11-06T23:15:35.593\",\"lastModified\":\"2025-11-07T14:15:48.290\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"references\":[{\"url\":\"https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://issues.chromium.org/issues/452296415\",\"source\":\"chrome-cve-admin@google.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-12036\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-07T13:39:32.095866Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-07T13:40:06.454Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Google\", \"product\": \"Chrome\", \"versions\": [{\"status\": \"affected\", \"version\": \"141.0.7390.122\", \"lessThan\": \"141.0.7390.122\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html\"}, {\"url\": \"https://issues.chromium.org/issues/452296415\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Inappropriate implementation\"}]}], \"providerMetadata\": {\"orgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"shortName\": \"Chrome\", \"dateUpdated\": \"2025-11-06T22:24:32.370Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-12036\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-08T04:55:14.335Z\", \"dateReserved\": \"2025-10-21T17:39:12.861Z\", \"assignerOrgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"datePublished\": \"2025-11-06T22:24:32.370Z\", \"assignerShortName\": \"Chrome\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2025-AVI-0955

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	N/A	Microsoft Edge versions antérieures à 142.0.3595.53

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Edge CVE-2025-60711	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12432	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12433	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12446	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12438	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12444	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12445	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12428	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12036	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12429	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12440	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12434	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12435	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12431	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12439	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12447	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12430	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12437	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12436	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12441	2025-10-31	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-12443	2025-10-31	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge versions ant\u00e9rieures \u00e0 142.0.3595.53",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-12433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12433"
    },
    {
      "name": "CVE-2025-12444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12444"
    },
    {
      "name": "CVE-2025-12036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12036"
    },
    {
      "name": "CVE-2025-12438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12438"
    },
    {
      "name": "CVE-2025-12435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12435"
    },
    {
      "name": "CVE-2025-12431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12431"
    },
    {
      "name": "CVE-2025-12445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12445"
    },
    {
      "name": "CVE-2025-12437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12437"
    },
    {
      "name": "CVE-2025-12434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12434"
    },
    {
      "name": "CVE-2025-12439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12439"
    },
    {
      "name": "CVE-2025-12432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12432"
    },
    {
      "name": "CVE-2025-12443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12443"
    },
    {
      "name": "CVE-2025-12429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12429"
    },
    {
      "name": "CVE-2025-12436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12436"
    },
    {
      "name": "CVE-2025-12446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12446"
    },
    {
      "name": "CVE-2025-12441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12441"
    },
    {
      "name": "CVE-2025-12440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12440"
    },
    {
      "name": "CVE-2025-12430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12430"
    },
    {
      "name": "CVE-2025-60711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60711"
    },
    {
      "name": "CVE-2025-12447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12447"
    },
    {
      "name": "CVE-2025-12428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12428"
    }
  ],
  "initial_release_date": "2025-11-03T00:00:00",
  "last_revision_date": "2025-11-03T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0955",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-11-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-60711",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60711"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12432",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12432"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12433",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12433"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12446",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12446"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12438",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12438"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12444",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12444"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12445",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12445"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12428",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12428"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12036",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12036"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12429",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12429"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12440",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12440"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12434",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12434"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12435",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12435"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12431",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12431"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12439",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12439"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12447",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12447"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12430",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12430"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12437",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12437"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12436",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12436"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12441",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12441"
    },
    {
      "published_at": "2025-10-31",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-12443",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12443"
    }
  ]
}

CERTFR-2025-AVI-0901

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans Google Chrome. Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome versions antérieures à 141.0.7390.122/.123 pour Windows et Mac
	Google	Chrome	Chrome versions antérieures à 141.0.7390.122 pour Linux

References

Title

Publication Time

Tags

Bulletin de sécurité Google Chrome

2025-10-21

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 141.0.7390.122/.123 pour Windows et Mac",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 141.0.7390.122 pour Linux",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-12036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12036"
    }
  ],
  "initial_release_date": "2025-10-22T00:00:00",
  "last_revision_date": "2025-10-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0901",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-10-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Google Chrome. Elle permet \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Vuln\u00e9rabilit\u00e9 dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": "2025-10-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Google Chrome",
      "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html"
    }
  ]
}

CERTFR-2025-AVI-0937

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Google	Chrome	Chrome versions antérieures à 142.0.7444.59/60 pour Windows
Google	Chrome	Chrome versions antérieures à 142.0.7444.59 pour Linux
Google	Chrome	Chrome versions antérieures à 142.0.7444.60 pour Mac

References

Title

Publication Time

Tags

Bulletin de sécurité Google Chrome

2025-10-28

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 142.0.7444.59/60 pour Windows",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 142.0.7444.59 pour Linux",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 142.0.7444.60 pour Mac",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-12433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12433"
    },
    {
      "name": "CVE-2025-12444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12444"
    },
    {
      "name": "CVE-2025-12036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12036"
    },
    {
      "name": "CVE-2025-12438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12438"
    },
    {
      "name": "CVE-2025-12435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12435"
    },
    {
      "name": "CVE-2025-12431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12431"
    },
    {
      "name": "CVE-2025-12445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12445"
    },
    {
      "name": "CVE-2025-12437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12437"
    },
    {
      "name": "CVE-2025-12434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12434"
    },
    {
      "name": "CVE-2025-12439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12439"
    },
    {
      "name": "CVE-2025-12432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12432"
    },
    {
      "name": "CVE-2025-12443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12443"
    },
    {
      "name": "CVE-2025-12429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12429"
    },
    {
      "name": "CVE-2025-12436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12436"
    },
    {
      "name": "CVE-2025-12446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12446"
    },
    {
      "name": "CVE-2025-12441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12441"
    },
    {
      "name": "CVE-2025-12440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12440"
    },
    {
      "name": "CVE-2025-12430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12430"
    },
    {
      "name": "CVE-2025-12447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12447"
    },
    {
      "name": "CVE-2025-12428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12428"
    }
  ],
  "initial_release_date": "2025-10-30T00:00:00",
  "last_revision_date": "2025-10-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0937",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-10-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome. Elles permettent \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": "2025-10-28",
      "title": "Bulletin de s\u00e9curit\u00e9 Google Chrome",
      "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html"
    }
  ]
}

wid-sec-w-2025-2445

Vulnerability from csaf_certbund

Published

2025-10-29 23:00

Modified

2025-11-04 23:00

Summary

Google Chrome/Microsoft Edge: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Chrome ist ein Internet-Browser von Google. Edge ist ein Internet-Browser von Microsoft.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Chrome/Microsoft Edge ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen, möglicherweise um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Spoofing- oder Cross-Site-Scripting-Angriffe durchzuführen.

Betroffene Betriebssysteme

- Linux - MacOS X - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Chrome ist ein Internet-Browser von Google.\r\nEdge ist ein Internet-Browser von Microsoft.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Chrome/Microsoft Edge ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren, m\u00f6glicherweise um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen oder Spoofing- oder Cross-Site-Scripting-Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2445 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2445.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2445 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2445"
      },
      {
        "category": "external",
        "summary": "Stable Channel Update for Desktop vom 2025-10-29",
        "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6046 vom 2025-10-30",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00213.html"
      },
      {
        "category": "external",
        "summary": "Release notes for Microsoft Edge Security Updates vom 2025-11-02",
        "url": "https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#october-31-2025"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-6C9C483E21 vom 2025-11-02",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-6c9c483e21"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15687-1 vom 2025-11-01",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Z4ORVOIBVRSZQTQXT6SZNXWFJWHWIJB2/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0413-1 vom 2025-10-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/K3ZFB7GAOGA2AOYKUZZUV4XQZTV4P76N/"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-313F6D7702 vom 2025-11-02",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-313f6d7702"
      },
      {
        "category": "external",
        "summary": "Release notes for Microsoft Edge Security Updates vom 2025-11-04",
        "url": "https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#november-4-2025"
      }
    ],
    "source_lang": "en-US",
    "title": "Google Chrome/Microsoft Edge: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-11-04T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-05T06:43:25.481+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-2445",
      "initial_release_date": "2025-10-29T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-10-29T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-10-30T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-11-02T23:00:00.000+00:00",
          "number": "3",
          "summary": "Edge Update aufgenommen"
        },
        {
          "date": "2025-11-04T23:00:00.000+00:00",
          "number": "4",
          "summary": "Edge Update aufgenommen"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Linux \u003c142.0.7444.59",
                "product": {
                  "name": "Google Chrome Linux \u003c142.0.7444.59",
                  "product_id": "T048217"
                }
              },
              {
                "category": "product_version",
                "name": "Linux 142.0.7444.59",
                "product": {
                  "name": "Google Chrome Linux 142.0.7444.59",
                  "product_id": "T048217-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:google:chrome:linux__142.0.7444.59"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Windows \u003c142.0.7444.59/60",
                "product": {
                  "name": "Google Chrome Windows \u003c142.0.7444.59/60",
                  "product_id": "T048218"
                }
              },
              {
                "category": "product_version",
                "name": "Windows 142.0.7444.59/60",
                "product": {
                  "name": "Google Chrome Windows 142.0.7444.59/60",
                  "product_id": "T048218-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:google:chrome:windows__142.0.7444.5960"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Mac \u003c142.0.7444.60",
                "product": {
                  "name": "Google Chrome Mac \u003c142.0.7444.60",
                  "product_id": "T048219"
                }
              },
              {
                "category": "product_version",
                "name": "Mac 142.0.7444.60",
                "product": {
                  "name": "Google Chrome Mac 142.0.7444.60",
                  "product_id": "T048219-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:google:chrome:mac__142.0.7444.60"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Chrome"
          }
        ],
        "category": "vendor",
        "name": "Google"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c142.0.3595.58",
                "product": {
                  "name": "Microsoft Edge \u003c142.0.3595.58",
                  "product_id": "T048300"
                }
              },
              {
                "category": "product_version",
                "name": "142.0.3595.58",
                "product": {
                  "name": "Microsoft Edge 142.0.3595.58",
                  "product_id": "T048300-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:edge:142.0.3595.58"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Edge"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-12036",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12036"
    },
    {
      "cve": "CVE-2025-12428",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12428"
    },
    {
      "cve": "CVE-2025-12429",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12429"
    },
    {
      "cve": "CVE-2025-12430",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12430"
    },
    {
      "cve": "CVE-2025-12431",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12431"
    },
    {
      "cve": "CVE-2025-12432",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12432"
    },
    {
      "cve": "CVE-2025-12433",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12433"
    },
    {
      "cve": "CVE-2025-12434",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12434"
    },
    {
      "cve": "CVE-2025-12435",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12435"
    },
    {
      "cve": "CVE-2025-12436",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12436"
    },
    {
      "cve": "CVE-2025-12437",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12437"
    },
    {
      "cve": "CVE-2025-12438",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12438"
    },
    {
      "cve": "CVE-2025-12439",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12439"
    },
    {
      "cve": "CVE-2025-12440",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12440"
    },
    {
      "cve": "CVE-2025-12441",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12441"
    },
    {
      "cve": "CVE-2025-12443",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12443"
    },
    {
      "cve": "CVE-2025-12444",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12444"
    },
    {
      "cve": "CVE-2025-12445",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12445"
    },
    {
      "cve": "CVE-2025-12446",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12446"
    },
    {
      "cve": "CVE-2025-12447",
      "product_status": {
        "known_affected": [
          "T048219",
          "T048218",
          "T048217",
          "2951",
          "T027843",
          "T048300",
          "74185"
        ]
      },
      "release_date": "2025-10-29T23:00:00.000+00:00",
      "title": "CVE-2025-12447"
    }
  ]
}

wid-sec-w-2025-2375

Vulnerability from csaf_certbund

Published

2025-10-21 22:00

Modified

2025-10-30 23:00

Summary

Google Chrome: Schwachstelle ermöglicht nicht spezifizierten Angriff

Notes

Produktbeschreibung

Chrome ist ein Internet-Browser von Google.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Google Chrome ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux - MacOS X - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Chrome ist ein Internet-Browser von Google.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Google Chrome ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2375 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2375.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2375 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2375"
      },
      {
        "category": "external",
        "summary": "Chrome Stable Channel Update vom 2025-10-21",
        "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-6728AC0FCA vom 2025-10-23",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-6728ac0fca"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2025-BAB8CE5461 vom 2025-10-23",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-bab8ce5461"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-C75C2892D7 vom 2025-10-23",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-c75c2892d7"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-80C24C67B6 vom 2025-10-23",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-80c24c67b6"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2025-EBFFAB4484 vom 2025-10-23",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-ebffab4484"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0403-1 vom 2025-10-23",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QJKUZCTN2LPBZAIDUBZWJXVM3T7KDTCO/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0402-1 vom 2025-10-23",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S7FJ6ZEPK3XG47Q6T3VTIVZYOOJVQX2M/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6036 vom 2025-10-24",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00202.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15665-1 vom 2025-10-25",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SMUMZGNE6BZMPOD553MN7IWBGMJYKEIR/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6046 vom 2025-10-30",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00213.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Google Chrome: Schwachstelle erm\u00f6glicht nicht spezifizierten Angriff",
    "tracking": {
      "current_release_date": "2025-10-30T23:00:00.000+00:00",
      "generator": {
        "date": "2025-10-31T09:28:56.840+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-2375",
      "initial_release_date": "2025-10-21T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-10-21T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-10-22T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2025-10-23T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von openSUSE und Debian aufgenommen"
        },
        {
          "date": "2025-10-26T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-10-30T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Windows, Mac \u003c141.0.7390.122/.123",
                "product": {
                  "name": "Google Chrome Windows, Mac \u003c141.0.7390.122/.123",
                  "product_id": "T048021"
                }
              },
              {
                "category": "product_version",
                "name": "Windows, Mac 141.0.7390.122/.123",
                "product": {
                  "name": "Google Chrome Windows, Mac 141.0.7390.122/.123",
                  "product_id": "T048021-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:google:chrome:windows_mac__141.0.7390.122.123"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Linux \u003c141.0.7390.122",
                "product": {
                  "name": "Google Chrome Linux \u003c141.0.7390.122",
                  "product_id": "T048022"
                }
              },
              {
                "category": "product_version",
                "name": "Linux 141.0.7390.122",
                "product": {
                  "name": "Google Chrome Linux 141.0.7390.122",
                  "product_id": "T048022-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:google:chrome:linux__141.0.7390.122"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Chrome"
          }
        ],
        "category": "vendor",
        "name": "Google"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-12036",
      "product_status": {
        "known_affected": [
          "2951",
          "T048021",
          "T027843",
          "T048022",
          "74185"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-12036"
    }
  ]
}

opensuse-su-2025:15665-1

Vulnerability from csaf_opensuse

Published

2025-10-24 00:00

Modified

2025-10-24 00:00

Summary

chromedriver-141.0.7390.122-1.1 on GA media

Notes

Title of the patch

chromedriver-141.0.7390.122-1.1 on GA media

Description of the patch

These are all security issues fixed in the chromedriver-141.0.7390.122-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-15665

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "chromedriver-141.0.7390.122-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the chromedriver-141.0.7390.122-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15665",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15665-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-12036 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-12036/"
      }
    ],
    "title": "chromedriver-141.0.7390.122-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-10-24T00:00:00Z",
      "generator": {
        "date": "2025-10-24T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15665-1",
      "initial_release_date": "2025-10-24T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-10-24T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-141.0.7390.122-1.1.aarch64",
                "product": {
                  "name": "chromedriver-141.0.7390.122-1.1.aarch64",
                  "product_id": "chromedriver-141.0.7390.122-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-141.0.7390.122-1.1.aarch64",
                "product": {
                  "name": "chromium-141.0.7390.122-1.1.aarch64",
                  "product_id": "chromium-141.0.7390.122-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-141.0.7390.122-1.1.ppc64le",
                "product": {
                  "name": "chromedriver-141.0.7390.122-1.1.ppc64le",
                  "product_id": "chromedriver-141.0.7390.122-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-141.0.7390.122-1.1.ppc64le",
                "product": {
                  "name": "chromium-141.0.7390.122-1.1.ppc64le",
                  "product_id": "chromium-141.0.7390.122-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-141.0.7390.122-1.1.s390x",
                "product": {
                  "name": "chromedriver-141.0.7390.122-1.1.s390x",
                  "product_id": "chromedriver-141.0.7390.122-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-141.0.7390.122-1.1.s390x",
                "product": {
                  "name": "chromium-141.0.7390.122-1.1.s390x",
                  "product_id": "chromium-141.0.7390.122-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-141.0.7390.122-1.1.x86_64",
                "product": {
                  "name": "chromedriver-141.0.7390.122-1.1.x86_64",
                  "product_id": "chromedriver-141.0.7390.122-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-141.0.7390.122-1.1.x86_64",
                "product": {
                  "name": "chromium-141.0.7390.122-1.1.x86_64",
                  "product_id": "chromium-141.0.7390.122-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-141.0.7390.122-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.aarch64"
        },
        "product_reference": "chromedriver-141.0.7390.122-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-141.0.7390.122-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.ppc64le"
        },
        "product_reference": "chromedriver-141.0.7390.122-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-141.0.7390.122-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.s390x"
        },
        "product_reference": "chromedriver-141.0.7390.122-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-141.0.7390.122-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.x86_64"
        },
        "product_reference": "chromedriver-141.0.7390.122-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-141.0.7390.122-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.aarch64"
        },
        "product_reference": "chromium-141.0.7390.122-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-141.0.7390.122-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.ppc64le"
        },
        "product_reference": "chromium-141.0.7390.122-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-141.0.7390.122-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.s390x"
        },
        "product_reference": "chromium-141.0.7390.122-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-141.0.7390.122-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.x86_64"
        },
        "product_reference": "chromium-141.0.7390.122-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-12036",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-12036"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.aarch64",
          "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.ppc64le",
          "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.s390x",
          "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.x86_64",
          "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.aarch64",
          "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.ppc64le",
          "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.s390x",
          "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-12036",
          "url": "https://www.suse.com/security/cve/CVE-2025-12036"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252402 for CVE-2025-12036",
          "url": "https://bugzilla.suse.com/1252402"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-141.0.7390.122-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.s390x",
            "openSUSE Tumbleweed:chromium-141.0.7390.122-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-24T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-12036"
    }
  ]
}

ghsa-v3m8-vp9c-jf57

Vulnerability from github

Published

2025-11-07 00:30

Modified

2025-11-07 15:31

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-12036"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-06T23:15:35Z",
    "severity": "HIGH"
  },
  "details": "Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-v3m8-vp9c-jf57",
  "modified": "2025-11-07T15:31:30Z",
  "published": "2025-11-07T00:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12036"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/452296415"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2025-12036

Vulnerability from fkie_nvd

Published

2025-11-06 23:15

Modified

2025-11-07 14:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

References

	URL	Tags
	chrome-cve-admin@google.com	https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html
	chrome-cve-admin@google.com	https://issues.chromium.org/issues/452296415

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)"
    }
  ],
  "id": "CVE-2025-12036",
  "lastModified": "2025-11-07T14:15:48.290",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-11-06T23:15:35.593",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://issues.chromium.org/issues/452296415"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Received",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-12036 (GCVE-0-2025-12036)

Vulnerability from cvelistv5

Vulnerability from certfr_avis

Solutions

Vulnerability from certfr_avis

Solutions

Vulnerability from certfr_avis

Solutions

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_opensuse

Vulnerability from github

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature