VulnerableCode Package Details - pkg:deb/debian/chromium@140.0.7339.80-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1yv3-9hvy-wqad	Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low)	CVE-2025-12910
VCID-5z4q-511c-3yfg	Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-9865
VCID-6wb7-8x4p-dkgt	Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)	CVE-2025-12906
VCID-hhme-jc9c-wua5	Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-9866
VCID-k4kf-hvym-nfd6	Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. (Chromium security severity: Low)	CVE-2025-12909
VCID-t6a7-tdcw-zuhv	Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)	CVE-2025-12907
VCID-vfpj-s32r-fygb	chromium-browser: Inappropriate implementation in Compositing	CVE-2025-13107
VCID-z745-kejm-sbf2	Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)	CVE-2025-12911
VCID-zkqv-ppkf-yfe2	Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-9867

Vulnerability

Summary

Aliases

VCID-1yv3-9hvy-wqad

Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low)

CVE-2025-12910

VCID-5z4q-511c-3yfg

Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-9865

VCID-6wb7-8x4p-dkgt

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

CVE-2025-12906

VCID-hhme-jc9c-wua5

Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-9866

VCID-k4kf-hvym-nfd6

Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. (Chromium security severity: Low)

CVE-2025-12909

VCID-t6a7-tdcw-zuhv

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)

CVE-2025-12907

VCID-vfpj-s32r-fygb

chromium-browser: Inappropriate implementation in Compositing

CVE-2025-13107

VCID-z745-kejm-sbf2

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

CVE-2025-12911

VCID-zkqv-ppkf-yfe2

Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-9867

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-17T22:42:21.310127+00:00	Debian Importer	Fixing	VCID-zkqv-ppkf-yfe2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:21.177575+00:00	Debian Importer	Fixing	VCID-hhme-jc9c-wua5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:21.031655+00:00	Debian Importer	Fixing	VCID-5z4q-511c-3yfg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:07.669420+00:00	Debian Importer	Fixing	VCID-vfpj-s32r-fygb	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:07.183914+00:00	Debian Importer	Fixing	VCID-z745-kejm-sbf2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:07.039881+00:00	Debian Importer	Fixing	VCID-1yv3-9hvy-wqad	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:06.903650+00:00	Debian Importer	Fixing	VCID-k4kf-hvym-nfd6	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:06.688213+00:00	Debian Importer	Fixing	VCID-t6a7-tdcw-zuhv	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-17T22:42:06.541355+00:00	Debian Importer	Fixing	VCID-6wb7-8x4p-dkgt	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T17:48:53.697224+00:00	Debian Importer	Fixing	VCID-zkqv-ppkf-yfe2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:53.594976+00:00	Debian Importer	Fixing	VCID-hhme-jc9c-wua5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:53.495418+00:00	Debian Importer	Fixing	VCID-5z4q-511c-3yfg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:44.152277+00:00	Debian Importer	Fixing	VCID-vfpj-s32r-fygb	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:43.799062+00:00	Debian Importer	Fixing	VCID-z745-kejm-sbf2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:43.697026+00:00	Debian Importer	Fixing	VCID-1yv3-9hvy-wqad	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:43.593069+00:00	Debian Importer	Fixing	VCID-k4kf-hvym-nfd6	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:43.438474+00:00	Debian Importer	Fixing	VCID-t6a7-tdcw-zuhv	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T17:48:43.338701+00:00	Debian Importer	Fixing	VCID-6wb7-8x4p-dkgt	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:21:03.702525+00:00	Debian Importer	Fixing	VCID-zkqv-ppkf-yfe2	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:03.667346+00:00	Debian Importer	Fixing	VCID-hhme-jc9c-wua5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:03.631574+00:00	Debian Importer	Fixing	VCID-5z4q-511c-3yfg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:00.059837+00:00	Debian Importer	Fixing	VCID-vfpj-s32r-fygb	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:20:59.916060+00:00	Debian Importer	Fixing	VCID-z745-kejm-sbf2	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:20:59.876290+00:00	Debian Importer	Fixing	VCID-1yv3-9hvy-wqad	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:20:59.836376+00:00	Debian Importer	Fixing	VCID-k4kf-hvym-nfd6	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:20:59.775484+00:00	Debian Importer	Fixing	VCID-t6a7-tdcw-zuhv	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:20:59.737226+00:00	Debian Importer	Fixing	VCID-6wb7-8x4p-dkgt	https://security-tracker.debian.org/tracker/data/json	38.1.0