VulnerableCode Package Details - pkg:deb/debian/chromium@134.0.6998.35-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1zc8-fbzm-tbaz	Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)	CVE-2025-1922
VCID-4nwy-ujza-aqeg	Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)	CVE-2025-1923
VCID-8h6y-rjqd-nydy	Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)	CVE-2025-1915
VCID-9g5w-9vct-vybx	Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)	CVE-2025-1914
VCID-c4ah-r5g9-rkbw	Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium)	CVE-2025-1918
VCID-crkt-7ueh-dbau	Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-1921
VCID-ddbx-2xsp-b3ek	Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-1916
VCID-sbba-7wah-s3dm	Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-1919
VCID-t69n-d8kz-ukdh	Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-1917

Vulnerability

Summary

Aliases

VCID-1zc8-fbzm-tbaz

Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

CVE-2025-1922

VCID-4nwy-ujza-aqeg

Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

CVE-2025-1923

VCID-8h6y-rjqd-nydy

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE-2025-1915

VCID-9g5w-9vct-vybx

Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

CVE-2025-1914

VCID-c4ah-r5g9-rkbw

Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium)

CVE-2025-1918

VCID-crkt-7ueh-dbau

Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-1921

VCID-ddbx-2xsp-b3ek

Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-1916

VCID-sbba-7wah-s3dm

Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-1919

VCID-t69n-d8kz-ukdh

Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-1917

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-17T22:42:12.750653+00:00	Debian Importer	Fixing	VCID-4nwy-ujza-aqeg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:12.623349+00:00	Debian Importer	Fixing	VCID-1zc8-fbzm-tbaz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:12.480422+00:00	Debian Importer	Fixing	VCID-crkt-7ueh-dbau	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:12.232201+00:00	Debian Importer	Fixing	VCID-sbba-7wah-s3dm	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:12.100140+00:00	Debian Importer	Fixing	VCID-c4ah-r5g9-rkbw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:11.969184+00:00	Debian Importer	Fixing	VCID-t69n-d8kz-ukdh	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:11.846407+00:00	Debian Importer	Fixing	VCID-ddbx-2xsp-b3ek	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:11.719334+00:00	Debian Importer	Fixing	VCID-8h6y-rjqd-nydy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:11.590499+00:00	Debian Importer	Fixing	VCID-9g5w-9vct-vybx	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T17:48:47.675599+00:00	Debian Importer	Fixing	VCID-4nwy-ujza-aqeg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:47.589763+00:00	Debian Importer	Fixing	VCID-1zc8-fbzm-tbaz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:47.501719+00:00	Debian Importer	Fixing	VCID-crkt-7ueh-dbau	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:47.329376+00:00	Debian Importer	Fixing	VCID-sbba-7wah-s3dm	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:47.243686+00:00	Debian Importer	Fixing	VCID-c4ah-r5g9-rkbw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:47.158463+00:00	Debian Importer	Fixing	VCID-t69n-d8kz-ukdh	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:47.073636+00:00	Debian Importer	Fixing	VCID-ddbx-2xsp-b3ek	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:46.987262+00:00	Debian Importer	Fixing	VCID-8h6y-rjqd-nydy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:46.902064+00:00	Debian Importer	Fixing	VCID-9g5w-9vct-vybx	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:21:01.449054+00:00	Debian Importer	Fixing	VCID-4nwy-ujza-aqeg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:01.418864+00:00	Debian Importer	Fixing	VCID-1zc8-fbzm-tbaz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:01.389053+00:00	Debian Importer	Fixing	VCID-crkt-7ueh-dbau	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:01.327801+00:00	Debian Importer	Fixing	VCID-sbba-7wah-s3dm	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:01.297997+00:00	Debian Importer	Fixing	VCID-c4ah-r5g9-rkbw	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:01.266281+00:00	Debian Importer	Fixing	VCID-t69n-d8kz-ukdh	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:01.231343+00:00	Debian Importer	Fixing	VCID-ddbx-2xsp-b3ek	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:01.196398+00:00	Debian Importer	Fixing	VCID-8h6y-rjqd-nydy	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:01.161154+00:00	Debian Importer	Fixing	VCID-9g5w-9vct-vybx	https://security-tracker.debian.org/tracker/data/json	38.1.0