Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie

Type deb

Namespace debian

Name chromium

Version 140.0.7339.80-1~deb12u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 140.0.7339.80-1~deb13u1

Latest_non_vulnerable_version 147.0.7727.101-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1yv3-9hvy-wqad

vulnerability_id VCID-1yv3-9hvy-wqad

summary Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-12910

reference_id

reference_type

scores

value	0.0001
scoring_system	epss
scoring_elements	0.01103
published_at	2026-04-04T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.011
published_at	2026-04-02T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00633
published_at	2026-04-08T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00627
published_at	2026-04-09T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00626
published_at	2026-04-11T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00622
published_at	2026-04-12T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00623
published_at	2026-04-13T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00616
published_at	2026-04-16T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00634
published_at	2026-04-07T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00687
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-12910

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12910
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12910

reference_url

https://issues.chromium.org/issues/434977743

reference_id

434977743

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:54:30Z/

url

https://issues.chromium.org/issues/434977743

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:54:30Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-12910

risk_score 1.9

exploitability 0.5

weighted_severity 3.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1yv3-9hvy-wqad

url VCID-5z4q-511c-3yfg

vulnerability_id VCID-5z4q-511c-3yfg

summary Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-9865

reference_id

reference_type

scores

value	0.00041
scoring_system	epss
scoring_elements	0.12334
published_at	2026-04-16T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.1243
published_at	2026-04-13T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12538
published_at	2026-04-09T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12508
published_at	2026-04-11T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12471
published_at	2026-04-12T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12336
published_at	2026-04-18T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13175
published_at	2026-04-08T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13295
published_at	2026-04-04T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13093
published_at	2026-04-07T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13229
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-9865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9865

reference_url

https://issues.chromium.org/issues/437147699

reference_id

437147699

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:12:49Z/

url

https://issues.chromium.org/issues/437147699

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:12:49Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-9865

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5z4q-511c-3yfg

url VCID-6wb7-8x4p-dkgt

vulnerability_id VCID-6wb7-8x4p-dkgt

summary Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-12906

reference_id

reference_type

scores

value	0.00049
scoring_system	epss
scoring_elements	0.15198
published_at	2026-04-18T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17518
published_at	2026-04-08T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17426
published_at	2026-04-07T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17579
published_at	2026-04-09T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17593
published_at	2026-04-11T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17546
published_at	2026-04-12T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17493
published_at	2026-04-13T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17437
published_at	2026-04-16T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.297
published_at	2026-04-04T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.2965
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-12906

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12906
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12906

reference_url

https://issues.chromium.org/issues/428455319

reference_id

428455319

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:41:33Z/

url

https://issues.chromium.org/issues/428455319

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:41:33Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-12906

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wb7-8x4p-dkgt

url VCID-hhme-jc9c-wua5

vulnerability_id VCID-hhme-jc9c-wua5

summary Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-9866

reference_id

reference_type

scores

value	0.0006
scoring_system	epss
scoring_elements	0.18651
published_at	2026-04-16T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18702
published_at	2026-04-13T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18794
published_at	2026-04-09T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18799
published_at	2026-04-11T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18752
published_at	2026-04-12T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18662
published_at	2026-04-18T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19517
published_at	2026-04-08T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19714
published_at	2026-04-04T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19438
published_at	2026-04-07T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19667
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-9866

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9866
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9866

reference_url

https://issues.chromium.org/issues/379337758

reference_id

379337758

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-04T03:55:44Z/

url

https://issues.chromium.org/issues/379337758

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-04T03:55:44Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-9866

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhme-jc9c-wua5

url VCID-k4kf-hvym-nfd6

vulnerability_id VCID-k4kf-hvym-nfd6

summary Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. (Chromium security severity: Low)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-12909

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.1355
published_at	2026-04-18T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15613
published_at	2026-04-08T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15527
published_at	2026-04-07T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15668
published_at	2026-04-09T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15635
published_at	2026-04-11T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.156
published_at	2026-04-12T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15537
published_at	2026-04-13T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15463
published_at	2026-04-16T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21473
published_at	2026-04-04T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21419
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-12909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12909

reference_url

https://issues.chromium.org/issues/361116749

reference_id

361116749

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:41:14Z/

url

https://issues.chromium.org/issues/361116749

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:41:14Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-12909

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kf-hvym-nfd6

url VCID-t6a7-tdcw-zuhv

vulnerability_id VCID-t6a7-tdcw-zuhv

summary Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-12907

reference_id

reference_type

scores

value	0.00143
scoring_system	epss
scoring_elements	0.34665
published_at	2026-04-18T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.36993
published_at	2026-04-08T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.36943
published_at	2026-04-07T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37007
published_at	2026-04-09T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37015
published_at	2026-04-11T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.3698
published_at	2026-04-12T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.36954
published_at	2026-04-13T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.36999
published_at	2026-04-16T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.4929
published_at	2026-04-04T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49263
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-12907

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12907

reference_url

https://issues.chromium.org/issues/427367145

reference_id

427367145

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-11-14T04:55:40Z/

url

https://issues.chromium.org/issues/427367145

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-11-14T04:55:40Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-12907

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t6a7-tdcw-zuhv

url VCID-vfpj-s32r-fygb

vulnerability_id VCID-vfpj-s32r-fygb

summary chromium-browser: Inappropriate implementation in Compositing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13107.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13107.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-13107

reference_id

reference_type

scores

value	0.00074
scoring_system	epss
scoring_elements	0.22399
published_at	2026-04-18T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22384
published_at	2026-04-13T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22401
published_at	2026-04-16T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23012
published_at	2026-04-12T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33504
published_at	2026-04-04T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33345
published_at	2026-04-07T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33472
published_at	2026-04-02T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33425
published_at	2026-04-09T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33429
published_at	2026-04-11T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33391
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-13107

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13107
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13107

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2414975
reference_id	2414975
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2414975

reference_url

https://issues.chromium.org/issues/429440615

reference_id

429440615

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T15:35:28Z/

url

https://issues.chromium.org/issues/429440615

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T15:35:28Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-13107

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfpj-s32r-fygb

url VCID-z745-kejm-sbf2

vulnerability_id VCID-z745-kejm-sbf2

summary Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-12911

reference_id

reference_type

scores

value	0.00016
scoring_system	epss
scoring_elements	0.03764
published_at	2026-04-08T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03679
published_at	2026-04-16T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03701
published_at	2026-04-13T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03727
published_at	2026-04-12T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03749
published_at	2026-04-11T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03788
published_at	2026-04-09T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03761
published_at	2026-04-07T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05088
published_at	2026-04-18T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09324
published_at	2026-04-04T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09273
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-12911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12911

reference_url

https://issues.chromium.org/issues/423670839

reference_id

423670839

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:50:30Z/

url

https://issues.chromium.org/issues/423670839

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:50:30Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-12911

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z745-kejm-sbf2

url VCID-zkqv-ppkf-yfe2

vulnerability_id VCID-zkqv-ppkf-yfe2

summary Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-9867

reference_id

reference_type

scores

value	0.00047
scoring_system	epss
scoring_elements	0.14277
published_at	2026-04-16T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14385
published_at	2026-04-13T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14531
published_at	2026-04-09T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.1448
published_at	2026-04-11T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14443
published_at	2026-04-12T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14278
published_at	2026-04-18T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15192
published_at	2026-04-08T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.153
published_at	2026-04-04T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15104
published_at	2026-04-07T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15232
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-9867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9867

reference_url

https://issues.chromium.org/issues/415496161

reference_id

415496161

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:16:51Z/

url

https://issues.chromium.org/issues/415496161

reference_url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:16:51Z/

url

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
purl	pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
purl	pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
purl	pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@145.0.7632.159-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

purl pkg:deb/debian/chromium@146.0.7680.153-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gbt-xkej-k7aw

vulnerability	VCID-2s6k-knqz-s7bv

vulnerability	VCID-32xu-tbuh-nfds

vulnerability	VCID-5znj-k78s-suca

vulnerability	VCID-6dub-gz8z-m3fk

vulnerability	VCID-7gex-zf7d-5ka4

vulnerability	VCID-88yy-dyf6-cue7

vulnerability	VCID-8uaq-e8kp-87fs

vulnerability	VCID-9p5u-1x3q-63dh

vulnerability	VCID-9s6e-p69b-suep

vulnerability	VCID-9sbp-bp4k-23cn

vulnerability	VCID-ehkc-zgaa-23fy

vulnerability	VCID-fene-srh1-b3gp

vulnerability	VCID-jr1y-txur-ebgr

vulnerability	VCID-n5d6-9gwm-vkc7

vulnerability	VCID-pg29-vrqh-pka8

vulnerability	VCID-pgw2-3qy2-5ban

vulnerability	VCID-pmwr-4j1v-s7gu

vulnerability	VCID-ptwz-uax5-mqbq

vulnerability	VCID-pvbx-j8j1-dkb3

vulnerability	VCID-q45n-pmfj-f7ae

vulnerability	VCID-r2b4-pdwz-ybae

vulnerability	VCID-v2gf-rqxb-57ae

vulnerability	VCID-vscd-6s2t-bucr

vulnerability	VCID-xfz2-cwzt-tqhz

vulnerability	VCID-y17q-5gas-jke9

vulnerability	VCID-z8nt-w84w-tkew

vulnerability	VCID-zcq4-z2c5-2ffr

vulnerability	VCID-zrnp-ujpt-tbee

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.153-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
purl	pkg:deb/debian/chromium@146.0.7680.177-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1%3Fdistro=trixie

url pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

purl pkg:deb/debian/chromium@147.0.7727.55-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1sea-z3vg-wfc4

vulnerability	VCID-212t-kjka-pbe4

vulnerability	VCID-3c8j-6wcw-83ax

vulnerability	VCID-47az-428z-bkar

vulnerability	VCID-7x3z-8d6t-vfen

vulnerability	VCID-8j9g-6zs1-13am

vulnerability	VCID-97y1-b8j2-xfb5

vulnerability	VCID-9amk-6z38-qbb1

vulnerability	VCID-9h91-43nj-7qgy

vulnerability	VCID-dzf3-492x-budu

vulnerability	VCID-erxp-a8pr-zyff

vulnerability	VCID-fk6m-8k4f-hyhz

vulnerability	VCID-hyew-s4ya-43bv

vulnerability	VCID-jd9x-rsee-ekfk

vulnerability	VCID-jku3-pwsy-bufq

vulnerability	VCID-jqs4-fgj9-63g7

vulnerability	VCID-k82r-r6dh-qfem

vulnerability	VCID-mjv9-578z-3kej

vulnerability	VCID-mp8f-94vu-jyf9

vulnerability	VCID-my86-8n81-y3hd

vulnerability	VCID-ndkj-5v64-cfa9

vulnerability	VCID-p4dd-y4mm-fqam

vulnerability	VCID-q17c-ud54-5ydd

vulnerability	VCID-qrwz-k5dg-27b2

vulnerability	VCID-thk2-w3k4-jfep

vulnerability	VCID-uded-9de1-xkdj

vulnerability	VCID-usvm-2xea-ffd6

vulnerability	VCID-uyu5-b3md-37cm

vulnerability	VCID-x1xm-1qpa-u7c1

vulnerability	VCID-x688-21pv-7yf8

vulnerability	VCID-ywwf-hc75-nbdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.55-1%3Fdistro=trixie

url	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
purl	pkg:deb/debian/chromium@147.0.7727.101-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.101-1%3Fdistro=trixie

aliases CVE-2025-9867

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkqv-ppkf-yfe2

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@140.0.7339.80-1~deb12u1%3Fdistro=trixie

Package Instance