Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community

Type apk

Namespace alpine

Name qt6-qtwebengine

Version 6.8.2-r3

Qualifiers

arch	armv7
distroversion	v3.23
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 6.8.2-r4

Latest_non_vulnerable_version 6.10.1-r14

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2tvv-jrqv-hyg4

vulnerability_id VCID-2tvv-jrqv-hyg4

summary Rejected reason: Not exploitable

references

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0998

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2tvv-jrqv-hyg4

url VCID-4dke-ryut-ebhg

vulnerability_id VCID-4dke-ryut-ebhg

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0436

reference_id

reference_type

scores

value	0.00509
scoring_system	epss
scoring_elements	0.6639
published_at	2026-04-16T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66399
published_at	2026-04-11T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66385
published_at	2026-04-12T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66354
published_at	2026-04-13T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66319
published_at	2026-04-02T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66347
published_at	2026-04-04T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66317
published_at	2026-04-07T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66364
published_at	2026-04-08T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66378
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0436

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0436
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0436

reference_url

https://issues.chromium.org/issues/382786791

reference_id

382786791

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:49:46Z/

url

https://issues.chromium.org/issues/382786791

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

reference_id

stable-channel-update-for-desktop_14.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:49:46Z/

url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0436

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4dke-ryut-ebhg

url VCID-5wu4-dfd3-wkh2

vulnerability_id VCID-5wu4-dfd3-wkh2

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0762

reference_id

reference_type

scores

value	0.00373
scoring_system	epss
scoring_elements	0.59034
published_at	2026-04-16T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.59036
published_at	2026-04-11T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.59018
published_at	2026-04-12T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.58999
published_at	2026-04-13T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.58971
published_at	2026-04-02T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.58993
published_at	2026-04-04T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.58959
published_at	2026-04-07T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.59011
published_at	2026-04-08T12:55:00Z

value	0.00373
scoring_system	epss
scoring_elements	0.59017
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0762

reference_url

https://issues.chromium.org/issues/384844003

reference_id

384844003

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-29T14:20:02Z/

url

https://issues.chromium.org/issues/384844003

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html

reference_id

stable-channel-update-for-desktop_28.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-29T14:20:02Z/

url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0762

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5wu4-dfd3-wkh2

url VCID-6fhm-q7k7-n3dw

vulnerability_id VCID-6fhm-q7k7-n3dw

summary Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-3071

reference_id

reference_type

scores

value	0.00036
scoring_system	epss
scoring_elements	0.106
published_at	2026-04-16T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10793
published_at	2026-04-11T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.1076
published_at	2026-04-12T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10736
published_at	2026-04-13T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10731
published_at	2026-04-02T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10795
published_at	2026-04-04T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10645
published_at	2026-04-07T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10722
published_at	2026-04-08T12:55:00Z

value	0.00036
scoring_system	epss
scoring_elements	0.10778
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-3071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3071

reference_url

https://issues.chromium.org/issues/40051596

reference_id

40051596

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T20:23:07Z/

url

https://issues.chromium.org/issues/40051596

reference_url

https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T20:23:07Z/

url

https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-3071

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fhm-q7k7-n3dw

url VCID-8h6y-rjqd-nydy

vulnerability_id VCID-8h6y-rjqd-nydy

summary Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1915

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06277
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06339
published_at	2026-04-13T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19401
published_at	2026-04-12T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24621
published_at	2026-04-07T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24811
published_at	2026-04-02T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24691
published_at	2026-04-08T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24738
published_at	2026-04-09T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24751
published_at	2026-04-11T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24849
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1915

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1915
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1915

reference_url

https://issues.chromium.org/issues/391114799

reference_id

391114799

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:23Z/

url

https://issues.chromium.org/issues/391114799

reference_url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:23Z/

url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-1915

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8h6y-rjqd-nydy

url VCID-azef-hxum-z3eb

vulnerability_id VCID-azef-hxum-z3eb

summary Multiple vulnerabilities have been discovered in WebKitGTK+, the worst of which can lead to execution of arbitary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24201.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24201.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24201

reference_id

reference_type

scores

value	0.0008
scoring_system	epss
scoring_elements	0.23755
published_at	2026-04-04T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23536
published_at	2026-04-07T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24902
published_at	2026-04-16T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24922
published_at	2026-04-08T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24969
published_at	2026-04-09T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24983
published_at	2026-04-11T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24943
published_at	2026-04-12T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24888
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27125
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://support.apple.com/en-us/122281

reference_id

122281

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/

url

https://support.apple.com/en-us/122281

reference_url

https://support.apple.com/en-us/122283

reference_id

122283

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/

url

https://support.apple.com/en-us/122283

reference_url

https://support.apple.com/en-us/122284

reference_id

122284

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/

url

https://support.apple.com/en-us/122284

reference_url

https://support.apple.com/en-us/122285

reference_id

122285

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/

url

https://support.apple.com/en-us/122285

reference_url

https://support.apple.com/en-us/122345

reference_id

122345

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/

url

https://support.apple.com/en-us/122345

reference_url

https://support.apple.com/en-us/122346

reference_id

122346

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/

url

https://support.apple.com/en-us/122346

reference_url

https://support.apple.com/en-us/122372

reference_id

122372

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/

url

https://support.apple.com/en-us/122372

reference_url

https://support.apple.com/en-us/122376

reference_id

122376

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/

url

https://support.apple.com/en-us/122376

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2351802
reference_id	2351802
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2351802

reference_url	https://security.gentoo.org/glsa/202511-02
reference_id	GLSA-202511-02
reference_type
scores
url	https://security.gentoo.org/glsa/202511-02

reference_url	https://access.redhat.com/errata/RHSA-2025:10364
reference_id	RHSA-2025:10364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10364

reference_url	https://access.redhat.com/errata/RHSA-2025:2863
reference_id	RHSA-2025:2863
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2863

reference_url	https://access.redhat.com/errata/RHSA-2025:2864
reference_id	RHSA-2025:2864
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2864

reference_url	https://access.redhat.com/errata/RHSA-2025:2997
reference_id	RHSA-2025:2997
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2997

reference_url	https://access.redhat.com/errata/RHSA-2025:2998
reference_id	RHSA-2025:2998
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2998

reference_url	https://access.redhat.com/errata/RHSA-2025:3000
reference_id	RHSA-2025:3000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3000

reference_url	https://access.redhat.com/errata/RHSA-2025:3001
reference_id	RHSA-2025:3001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3001

reference_url	https://access.redhat.com/errata/RHSA-2025:3002
reference_id	RHSA-2025:3002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3002

reference_url	https://access.redhat.com/errata/RHSA-2025:3005
reference_id	RHSA-2025:3005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3005

reference_url	https://access.redhat.com/errata/RHSA-2025:3034
reference_id	RHSA-2025:3034
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3034

reference_url	https://usn.ubuntu.com/7395-1/
reference_id	USN-7395-1
reference_type
scores
url	https://usn.ubuntu.com/7395-1/

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-24201

risk_score 10.0

exploitability 2.0

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-azef-hxum-z3eb

url VCID-bem9-ezts-n3b2

vulnerability_id VCID-bem9-ezts-n3b2

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0447

reference_id

reference_type

scores

value	0.00634
scoring_system	epss
scoring_elements	0.70415
published_at	2026-04-16T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70402
published_at	2026-04-11T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70387
published_at	2026-04-12T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70372
published_at	2026-04-13T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70323
published_at	2026-04-02T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.7034
published_at	2026-04-04T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70318
published_at	2026-04-07T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70363
published_at	2026-04-08T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70378
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0447

reference_url

https://issues.chromium.org/issues/375550814

reference_id

375550814

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:26:16Z/

url

https://issues.chromium.org/issues/375550814

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

reference_id

stable-channel-update-for-desktop_14.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:26:16Z/

url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0447

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bem9-ezts-n3b2

url VCID-bzcx-rxg3-aygs

vulnerability_id VCID-bzcx-rxg3-aygs

summary

7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-11477

reference_id

reference_type

scores

value	0.38072
scoring_system	epss
scoring_elements	0.97213
published_at	2026-04-09T12:55:00Z

value	0.38072
scoring_system	epss
scoring_elements	0.97217
published_at	2026-04-12T12:55:00Z

value	0.38072
scoring_system	epss
scoring_elements	0.97216
published_at	2026-04-11T12:55:00Z

value	0.38072
scoring_system	epss
scoring_elements	0.97195
published_at	2026-04-02T12:55:00Z

value	0.38072
scoring_system	epss
scoring_elements	0.97201
published_at	2026-04-04T12:55:00Z

value	0.38072
scoring_system	epss
scoring_elements	0.97202
published_at	2026-04-07T12:55:00Z

value	0.38072
scoring_system	epss
scoring_elements	0.97211
published_at	2026-04-08T12:55:00Z

value	0.43636
scoring_system	epss
scoring_elements	0.97529
published_at	2026-04-16T12:55:00Z

value	0.43636
scoring_system	epss
scoring_elements	0.97521
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-11477

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://www.zerodayinitiative.com/advisories/ZDI-24-1532/

reference_id

ZDI-24-1532

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-30T04:55:53Z/

url

https://www.zerodayinitiative.com/advisories/ZDI-24-1532/

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2024-11477

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bzcx-rxg3-aygs

url VCID-c4ah-r5g9-rkbw

vulnerability_id VCID-c4ah-r5g9-rkbw

summary Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1918

reference_id

reference_type

scores

value	0.00111
scoring_system	epss
scoring_elements	0.296
published_at	2026-04-02T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29648
published_at	2026-04-04T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29469
published_at	2026-04-07T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29532
published_at	2026-04-08T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29571
published_at	2026-04-09T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29573
published_at	2026-04-11T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35894
published_at	2026-04-12T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54886
published_at	2026-04-13T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54924
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1918

reference_url

https://issues.chromium.org/issues/388557904

reference_id

388557904

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:12Z/

url

https://issues.chromium.org/issues/388557904

reference_url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:12Z/

url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-1918

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ah-r5g9-rkbw

url VCID-crkt-7ueh-dbau

vulnerability_id VCID-crkt-7ueh-dbau

summary Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1921

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26517
published_at	2026-04-02T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26562
published_at	2026-04-04T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26343
published_at	2026-04-07T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26412
published_at	2026-04-08T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26462
published_at	2026-04-09T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26468
published_at	2026-04-11T12:55:00Z

value	0.00127
scoring_system	epss
scoring_elements	0.32002
published_at	2026-04-13T12:55:00Z

value	0.00127
scoring_system	epss
scoring_elements	0.32036
published_at	2026-04-16T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36099
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1921

reference_url

https://issues.chromium.org/issues/387583503

reference_id

387583503

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:23:59Z/

url

https://issues.chromium.org/issues/387583503

reference_url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:23:59Z/

url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-1921

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-crkt-7ueh-dbau

url VCID-cw13-y3s5-d7cg

vulnerability_id VCID-cw13-y3s5-d7cg

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0443

reference_id

reference_type

scores

value	0.00634
scoring_system	epss
scoring_elements	0.70415
published_at	2026-04-16T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70402
published_at	2026-04-11T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70387
published_at	2026-04-12T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70372
published_at	2026-04-13T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70323
published_at	2026-04-02T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.7034
published_at	2026-04-04T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70318
published_at	2026-04-07T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70363
published_at	2026-04-08T12:55:00Z

value	0.00634
scoring_system	epss
scoring_elements	0.70378
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0443

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0443
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0443

reference_url

https://issues.chromium.org/issues/376625003

reference_id

376625003

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:30:28Z/

url

https://issues.chromium.org/issues/376625003

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

reference_id

stable-channel-update-for-desktop_14.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:30:28Z/

url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0443

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cw13-y3s5-d7cg

url VCID-dvuw-89yr-h7hc

vulnerability_id VCID-dvuw-89yr-h7hc

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12693

reference_id

reference_type

scores

value	0.02469
scoring_system	epss
scoring_elements	0.85284
published_at	2026-04-16T12:55:00Z

value	0.02469
scoring_system	epss
scoring_elements	0.85255
published_at	2026-04-09T12:55:00Z

value	0.02469
scoring_system	epss
scoring_elements	0.85269
published_at	2026-04-11T12:55:00Z

value	0.02469
scoring_system	epss
scoring_elements	0.85267
published_at	2026-04-12T12:55:00Z

value	0.02469
scoring_system	epss
scoring_elements	0.85264
published_at	2026-04-13T12:55:00Z

value	0.02469
scoring_system	epss
scoring_elements	0.85204
published_at	2026-04-02T12:55:00Z

value	0.02469
scoring_system	epss
scoring_elements	0.85222
published_at	2026-04-04T12:55:00Z

value	0.02469
scoring_system	epss
scoring_elements	0.85224
published_at	2026-04-07T12:55:00Z

value	0.02469
scoring_system	epss
scoring_elements	0.85246
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12693

reference_url

https://issues.chromium.org/issues/382190919

reference_id

382190919

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:44Z/

url

https://issues.chromium.org/issues/382190919

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html

reference_id

stable-channel-update-for-desktop_18.html

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:44Z/

url

https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2024-12693

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dvuw-89yr-h7hc

url VCID-gdn6-smyz-j3fm

vulnerability_id VCID-gdn6-smyz-j3fm

summary Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-3619

reference_id

reference_type

scores

value	0.00121
scoring_system	epss
scoring_elements	0.31107
published_at	2026-04-16T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31163
published_at	2026-04-11T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31119
published_at	2026-04-12T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31075
published_at	2026-04-13T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31209
published_at	2026-04-02T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31251
published_at	2026-04-04T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31072
published_at	2026-04-07T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31125
published_at	2026-04-08T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31155
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-3619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3619

reference_url

https://issues.chromium.org/issues/409619251

reference_id

409619251

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T13:38:46Z/

url

https://issues.chromium.org/issues/409619251

reference_url

https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T13:38:46Z/

url

https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-3619

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdn6-smyz-j3fm

url VCID-h5kz-vcq9-1bgh

vulnerability_id VCID-h5kz-vcq9-1bgh

summary Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0611

reference_id

reference_type

scores

value	0.00625
scoring_system	epss
scoring_elements	0.70128
published_at	2026-04-02T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.70143
published_at	2026-04-04T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.7012
published_at	2026-04-07T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.70167
published_at	2026-04-08T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.70183
published_at	2026-04-09T12:55:00Z

value	0.00637
scoring_system	epss
scoring_elements	0.70469
published_at	2026-04-13T12:55:00Z

value	0.00637
scoring_system	epss
scoring_elements	0.70511
published_at	2026-04-16T12:55:00Z

value	0.01092
scoring_system	epss
scoring_elements	0.7797
published_at	2026-04-11T12:55:00Z

value	0.01092
scoring_system	epss
scoring_elements	0.77954
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0611

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0611
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0611

reference_url

https://issues.chromium.org/issues/386143468

reference_id

386143468

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-22T20:02:12Z/

url

https://issues.chromium.org/issues/386143468

reference_url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html

reference_id

stable-channel-update-for-desktop_22.html

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-22T20:02:12Z/

url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0611

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h5kz-vcq9-1bgh

url VCID-j9bt-u7v1-mkgt

vulnerability_id VCID-j9bt-u7v1-mkgt

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-2136

reference_id

reference_type

scores

value	0.00207
scoring_system	epss
scoring_elements	0.43125
published_at	2026-04-16T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43115
published_at	2026-04-11T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43081
published_at	2026-04-12T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43066
published_at	2026-04-13T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.4306
published_at	2026-04-02T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43088
published_at	2026-04-04T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43027
published_at	2026-04-07T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.4308
published_at	2026-04-08T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43092
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-2136

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2136
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2136

reference_url

https://issues.chromium.org/issues/395032416

reference_id

395032416

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:34Z/

url

https://issues.chromium.org/issues/395032416

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html

reference_id

stable-channel-update-for-desktop_10.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:34Z/

url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-2136

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j9bt-u7v1-mkgt

url VCID-jaep-1ut3-9qan

vulnerability_id VCID-jaep-1ut3-9qan

summary libxslt: Use-After-Free in libxslt numbers.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24855

reference_id

reference_type

scores

value	0.00049
scoring_system	epss
scoring_elements	0.15187
published_at	2026-04-16T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15377
published_at	2026-04-11T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15337
published_at	2026-04-12T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15272
published_at	2026-04-13T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15404
published_at	2026-04-02T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15473
published_at	2026-04-04T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15277
published_at	2026-04-07T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15365
published_at	2026-04-08T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15415
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24855

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566
reference_id	1100566
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2352483
reference_id	2352483
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2352483

reference_url	https://access.redhat.com/errata/RHSA-2025:3107
reference_id	RHSA-2025:3107
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3107

reference_url	https://access.redhat.com/errata/RHSA-2025:3389
reference_id	RHSA-2025:3389
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3389

reference_url	https://access.redhat.com/errata/RHSA-2025:3528
reference_id	RHSA-2025:3528
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3528

reference_url	https://access.redhat.com/errata/RHSA-2025:3615
reference_id	RHSA-2025:3615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3615

reference_url	https://access.redhat.com/errata/RHSA-2025:3619
reference_id	RHSA-2025:3619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3619

reference_url	https://access.redhat.com/errata/RHSA-2025:3624
reference_id	RHSA-2025:3624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3624

reference_url	https://access.redhat.com/errata/RHSA-2025:3625
reference_id	RHSA-2025:3625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3625

reference_url	https://access.redhat.com/errata/RHSA-2025:3626
reference_id	RHSA-2025:3626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3626

reference_url	https://access.redhat.com/errata/RHSA-2025:3627
reference_id	RHSA-2025:3627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3627

reference_url	https://access.redhat.com/errata/RHSA-2025:4098
reference_id	RHSA-2025:4098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4098

reference_url	https://access.redhat.com/errata/RHSA-2025:4422
reference_id	RHSA-2025:4422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4422

reference_url	https://access.redhat.com/errata/RHSA-2025:4427
reference_id	RHSA-2025:4427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4427

reference_url	https://access.redhat.com/errata/RHSA-2025:4431
reference_id	RHSA-2025:4431
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4431

reference_url	https://access.redhat.com/errata/RHSA-2025:4677
reference_id	RHSA-2025:4677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4677

reference_url	https://access.redhat.com/errata/RHSA-2025:4731
reference_id	RHSA-2025:4731
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4731

reference_url	https://access.redhat.com/errata/RHSA-2025:7496
reference_id	RHSA-2025:7496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7496

reference_url	https://access.redhat.com/errata/RHSA-2025:7702
reference_id	RHSA-2025:7702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7702

reference_url	https://access.redhat.com/errata/RHSA-2025:8303
reference_id	RHSA-2025:8303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8303

reference_url	https://usn.ubuntu.com/7361-1/
reference_id	USN-7361-1
reference_type
scores
url	https://usn.ubuntu.com/7361-1/

reference_url	https://usn.ubuntu.com/7787-1/
reference_id	USN-7787-1
reference_type
scores
url	https://usn.ubuntu.com/7787-1/

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-24855

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jaep-1ut3-9qan

url VCID-mhfc-jc5n-gfbu

vulnerability_id VCID-mhfc-jc5n-gfbu

summary Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1426

reference_id

reference_type

scores

value	0.00391
scoring_system	epss
scoring_elements	0.60167
published_at	2026-04-16T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.6016
published_at	2026-04-11T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60146
published_at	2026-04-12T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60128
published_at	2026-04-13T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60081
published_at	2026-04-02T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60106
published_at	2026-04-04T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60075
published_at	2026-04-07T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60125
published_at	2026-04-08T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60139
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1426

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1426
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1426

reference_url

https://issues.chromium.org/issues/383465163

reference_id

383465163

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:08:33Z/

url

https://issues.chromium.org/issues/383465163

reference_url

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html

reference_id

stable-channel-update-for-desktop_18.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:08:33Z/

url

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-1426

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mhfc-jc5n-gfbu

url VCID-rmeb-2jks-muh5

vulnerability_id VCID-rmeb-2jks-muh5

summary Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app. (Chromium security severity: Medium)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1006

reference_id

reference_type

scores

value	0.0033
scoring_system	epss
scoring_elements	0.5602
published_at	2026-04-16T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56022
published_at	2026-04-11T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56001
published_at	2026-04-12T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.55984
published_at	2026-04-13T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.55957
published_at	2026-04-07T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.55979
published_at	2026-04-04T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56008
published_at	2026-04-08T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56011
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1006

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1006
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1006

reference_url

https://issues.chromium.org/issues/390590778

reference_id

390590778

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:09:20Z/

url

https://issues.chromium.org/issues/390590778

reference_url

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html

reference_id

stable-channel-update-for-desktop_18.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:09:20Z/

url

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-1006

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rmeb-2jks-muh5

url VCID-sbba-7wah-s3dm

vulnerability_id VCID-sbba-7wah-s3dm

summary Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1919

reference_id

reference_type

scores

value	0.00111
scoring_system	epss
scoring_elements	0.296
published_at	2026-04-02T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29648
published_at	2026-04-04T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29469
published_at	2026-04-07T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29532
published_at	2026-04-08T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29571
published_at	2026-04-09T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29573
published_at	2026-04-11T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35894
published_at	2026-04-12T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54886
published_at	2026-04-13T12:55:00Z

value	0.00318
scoring_system	epss
scoring_elements	0.54924
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1919

reference_url

https://issues.chromium.org/issues/392375312

reference_id

392375312

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:13Z/

url

https://issues.chromium.org/issues/392375312

reference_url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:13Z/

url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-1919

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sbba-7wah-s3dm

url VCID-tt6y-5hu2-xfcj

vulnerability_id VCID-tt6y-5hu2-xfcj

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12694

reference_id

reference_type

scores

value	0.00519
scoring_system	epss
scoring_elements	0.66798
published_at	2026-04-13T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.6681
published_at	2026-04-08T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66825
published_at	2026-04-09T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66845
published_at	2026-04-11T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66831
published_at	2026-04-16T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66763
published_at	2026-04-02T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66789
published_at	2026-04-04T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66761
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12694

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12694
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12694

reference_url

https://issues.chromium.org/issues/368222741

reference_id

368222741

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:46Z/

url

https://issues.chromium.org/issues/368222741

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html

reference_id

stable-channel-update-for-desktop_18.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:46Z/

url

https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2024-12694

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt6y-5hu2-xfcj

url VCID-u7nr-jpbg-hbbc

vulnerability_id VCID-u7nr-jpbg-hbbc

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0437

reference_id

reference_type

scores

value	0.00065
scoring_system	epss
scoring_elements	0.20028
published_at	2026-04-16T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.2015
published_at	2026-04-11T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20105
published_at	2026-04-12T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20047
published_at	2026-04-13T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20212
published_at	2026-04-02T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20269
published_at	2026-04-04T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.19994
published_at	2026-04-07T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20074
published_at	2026-04-08T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20131
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0437

reference_url

https://issues.chromium.org/issues/378623799

reference_id

378623799

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:35Z/

url

https://issues.chromium.org/issues/378623799

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

reference_id

stable-channel-update-for-desktop_14.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:35Z/

url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0437

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u7nr-jpbg-hbbc

url VCID-vnvz-a9hv-8bee

vulnerability_id VCID-vnvz-a9hv-8bee

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0438

reference_id

reference_type

scores

value	0.00357
scoring_system	epss
scoring_elements	0.58025
published_at	2026-04-16T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58037
published_at	2026-04-11T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58015
published_at	2026-04-12T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57995
published_at	2026-04-13T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57968
published_at	2026-04-02T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57986
published_at	2026-04-04T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.57963
published_at	2026-04-07T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58018
published_at	2026-04-08T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.5802
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0438

reference_url

https://issues.chromium.org/issues/384186539

reference_id

384186539

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:45:34Z/

url

https://issues.chromium.org/issues/384186539

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

reference_id

stable-channel-update-for-desktop_14.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:45:34Z/

url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0438

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vnvz-a9hv-8bee

url VCID-yj1b-bysp-b7h1

vulnerability_id VCID-yj1b-bysp-b7h1

summary Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0441

reference_id

reference_type

scores

value	0.00077
scoring_system	epss
scoring_elements	0.22886
published_at	2026-04-16T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22966
published_at	2026-04-11T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22929
published_at	2026-04-12T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22872
published_at	2026-04-13T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22985
published_at	2026-04-02T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23028
published_at	2026-04-04T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22821
published_at	2026-04-07T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22895
published_at	2026-04-08T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22947
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0441

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0441
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0441

reference_url

https://issues.chromium.org/issues/368628042

reference_id

368628042

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:36:52Z/

url

https://issues.chromium.org/issues/368628042

reference_url	https://security.gentoo.org/glsa/202507-07
reference_id	GLSA-202507-07
reference_type
scores
url	https://security.gentoo.org/glsa/202507-07

reference_url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

reference_id

stable-channel-update-for-desktop_14.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:36:52Z/

url

https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0441

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yj1b-bysp-b7h1

url VCID-z7hh-qpzy-c7b2

vulnerability_id VCID-z7hh-qpzy-c7b2

summary libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-55549

reference_id

reference_type

scores

value	0.0005
scoring_system	epss
scoring_elements	0.15569
published_at	2026-04-04T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15455
published_at	2026-04-08T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15368
published_at	2026-04-07T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15498
published_at	2026-04-02T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15811
published_at	2026-04-16T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15992
published_at	2026-04-11T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15954
published_at	2026-04-12T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15886
published_at	2026-04-13T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.16014
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-55549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565
reference_id	1100565
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2352484
reference_id	2352484
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2352484

reference_url	https://access.redhat.com/errata/RHSA-2025:3613
reference_id	RHSA-2025:3613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3613

reference_url	https://access.redhat.com/errata/RHSA-2025:3614
reference_id	RHSA-2025:3614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3614

reference_url	https://access.redhat.com/errata/RHSA-2025:3615
reference_id	RHSA-2025:3615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3615

reference_url	https://access.redhat.com/errata/RHSA-2025:3619
reference_id	RHSA-2025:3619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3619

reference_url	https://access.redhat.com/errata/RHSA-2025:3624
reference_id	RHSA-2025:3624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3624

reference_url	https://access.redhat.com/errata/RHSA-2025:3625
reference_id	RHSA-2025:3625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3625

reference_url	https://access.redhat.com/errata/RHSA-2025:3626
reference_id	RHSA-2025:3626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3626

reference_url	https://access.redhat.com/errata/RHSA-2025:3627
reference_id	RHSA-2025:3627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3627

reference_url	https://access.redhat.com/errata/RHSA-2025:4025
reference_id	RHSA-2025:4025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4025

reference_url	https://access.redhat.com/errata/RHSA-2025:4098
reference_id	RHSA-2025:4098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4098

reference_url	https://access.redhat.com/errata/RHSA-2025:4422
reference_id	RHSA-2025:4422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4422

reference_url	https://access.redhat.com/errata/RHSA-2025:4427
reference_id	RHSA-2025:4427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4427

reference_url	https://access.redhat.com/errata/RHSA-2025:4431
reference_id	RHSA-2025:4431
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4431

reference_url	https://access.redhat.com/errata/RHSA-2025:4677
reference_id	RHSA-2025:4677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4677

reference_url	https://access.redhat.com/errata/RHSA-2025:4731
reference_id	RHSA-2025:4731
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4731

reference_url	https://access.redhat.com/errata/RHSA-2025:7410
reference_id	RHSA-2025:7410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7410

reference_url	https://access.redhat.com/errata/RHSA-2025:7496
reference_id	RHSA-2025:7496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7496

reference_url	https://access.redhat.com/errata/RHSA-2025:7702
reference_id	RHSA-2025:7702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7702

reference_url	https://access.redhat.com/errata/RHSA-2025:8303
reference_id	RHSA-2025:8303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8303

reference_url	https://usn.ubuntu.com/7357-1/
reference_id	USN-7357-1
reference_type
scores
url	https://usn.ubuntu.com/7357-1/

reference_url	https://usn.ubuntu.com/7787-1/
reference_id	USN-7787-1
reference_type
scores
url	https://usn.ubuntu.com/7787-1/

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2024-55549

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z7hh-qpzy-c7b2

url VCID-zjtf-w6bv-dbfe

vulnerability_id VCID-zjtf-w6bv-dbfe

summary mojo: chromium: chromium Mojo on Windows

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2783.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2783.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-2783

reference_id

reference_type

scores

value	0.39478
scoring_system	epss
scoring_elements	0.97308
published_at	2026-04-16T12:55:00Z

value	0.39478
scoring_system	epss
scoring_elements	0.97294
published_at	2026-04-08T12:55:00Z

value	0.39478
scoring_system	epss
scoring_elements	0.97295
published_at	2026-04-09T12:55:00Z

value	0.39478
scoring_system	epss
scoring_elements	0.97298
published_at	2026-04-11T12:55:00Z

value	0.39478
scoring_system	epss
scoring_elements	0.97299
published_at	2026-04-13T12:55:00Z

value	0.39478
scoring_system	epss
scoring_elements	0.97282
published_at	2026-04-02T12:55:00Z

value	0.39478
scoring_system	epss
scoring_elements	0.97287
published_at	2026-04-04T12:55:00Z

value	0.39478
scoring_system	epss
scoring_elements	0.97288
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-2783

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2355557
reference_id	2355557
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2355557

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/webapps/52403.txt
reference_id	CVE-2025-2783
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/webapps/52403.txt

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-2783

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zjtf-w6bv-dbfe

url VCID-zr38-fv5c-jkfy

vulnerability_id VCID-zr38-fv5c-jkfy

summary Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0996

reference_id

reference_type

scores

value	0.00089
scoring_system	epss
scoring_elements	0.25283
published_at	2026-04-16T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25372
published_at	2026-04-11T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.2533
published_at	2026-04-12T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25277
published_at	2026-04-13T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25439
published_at	2026-04-02T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25474
published_at	2026-04-04T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25247
published_at	2026-04-07T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.25316
published_at	2026-04-08T12:55:00Z

value	0.00089
scoring_system	epss
scoring_elements	0.2536
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0996

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0996
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0996

reference_url

https://issues.chromium.org/issues/391788835

reference_id

391788835

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T17:17:20Z/

url

https://issues.chromium.org/issues/391788835

reference_url

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html

reference_id

stable-channel-update-for-desktop_12.html

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T17:17:20Z/

url

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0996

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zr38-fv5c-jkfy

url VCID-zr5w-q9zh-nqbm

vulnerability_id VCID-zr5w-q9zh-nqbm

summary Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0999

reference_id

reference_type

scores

value	0.00716
scoring_system	epss
scoring_elements	0.7241
published_at	2026-04-16T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72398
published_at	2026-04-11T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72381
published_at	2026-04-12T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72369
published_at	2026-04-13T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72329
published_at	2026-04-02T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72347
published_at	2026-04-04T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72324
published_at	2026-04-07T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72362
published_at	2026-04-08T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72375
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0999

reference_url

https://issues.chromium.org/issues/394350433

reference_id

394350433

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:05:30Z/

url

https://issues.chromium.org/issues/394350433

reference_url

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html

reference_id

stable-channel-update-for-desktop_18.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:05:30Z/

url

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

aliases CVE-2025-0999

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zr5w-q9zh-nqbm

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=armv7&distroversion=v3.23&reponame=community

Package Instance