VulnerableCode Package Details - pkg:deb/debian/chromium@134.0.6998.117-1

Search for packages

Package details: pkg:deb/debian/chromium@134.0.6998.117-1

Essentials
History (7)

purl	pkg:deb/debian/chromium@134.0.6998.117-1
Tags	Ghost

Next non-vulnerable version	137.0.7151.119-1
Latest non-vulnerable version	137.0.7151.119-1
Risk	2.6

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-4nfk-ad4x-pqfc Aliases: CVE-2025-3069	Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)	135.0.7049.52-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 135.0.7049.95-1~deb12u1 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-4srh-7hpq-akh6 Aliases: CVE-2025-3066	Use after free in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	135.0.7049.52-1~deb12u1 Affected by 0 other vulnerabilities. 135.0.7049.52-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 135.0.7049.84-1~deb12u1 Affected by 0 other vulnerabilities. 135.0.7049.84-1 Affected by 0 other vulnerabilities. 135.0.7049.95-1~deb12u1 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-8rwv-3zzz-uqfb Aliases: CVE-2025-3072	Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)	135.0.7049.52-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 135.0.7049.95-1~deb12u1 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ft16-g9uu-4kh7 Aliases: CVE-2025-3070	Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)	135.0.7049.52-1~deb12u1 Affected by 0 other vulnerabilities. 135.0.7049.95-1~deb12u1 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kshf-nqnp-93c5 Aliases: CVE-2025-3067	Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)	135.0.7049.52-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 135.0.7049.95-1~deb12u1 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ktp7-3vu1-sue8 Aliases: CVE-2025-3068	Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)	135.0.7049.52-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 135.0.7049.95-1~deb12u1 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pvrm-qv5s-fbdv Aliases: CVE-2025-3071	Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)	135.0.7049.52-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 135.0.7049.95-1~deb12u1 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-04-07T02:10:48.501783+00:00	Debian Importer	Affected by	VCID-ft16-g9uu-4kh7	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-06T02:37:56.644843+00:00	Debian Importer	Affected by	VCID-4srh-7hpq-akh6	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-06T02:08:38.854419+00:00	Debian Importer	Affected by	VCID-kshf-nqnp-93c5	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-05T19:56:18.533560+00:00	Debian Importer	Affected by	VCID-ktp7-3vu1-sue8	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-04T05:55:06.864349+00:00	Debian Importer	Affected by	VCID-4nfk-ad4x-pqfc	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-04T05:31:23.785759+00:00	Debian Importer	Affected by	VCID-8rwv-3zzz-uqfb	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-04T02:53:41.994603+00:00	Debian Importer	Affected by	VCID-pvrm-qv5s-fbdv	https://security-tracker.debian.org/tracker/data/json	36.0.0