VulnerableCode Package Details - pkg:deb/debian/chromium@136.0.7103.113-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-2r66-s3wx-pyh9 Aliases: CVE-2025-5280	Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	137.0.7151.55-2 Affected by 0 other vulnerabilities. 137.0.7151.68-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-6upt-853e-27c2 Aliases: CVE-2025-5063	Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	137.0.7151.55-2 Affected by 0 other vulnerabilities.
VCID-n4az-nrdr-h7b9 Aliases: CVE-2025-5067	Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)	137.0.7151.55-2 Affected by 0 other vulnerabilities. 137.0.7151.68-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-saxq-ywgh-w3bf Aliases: CVE-2025-5065	Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)	137.0.7151.55-2 Affected by 0 other vulnerabilities. 137.0.7151.68-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-sw7w-5e5y-bqg4 Aliases: CVE-2025-5066	Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)	137.0.7151.55-2 Affected by 0 other vulnerabilities.
VCID-ttxy-hc33-57ds Aliases: CVE-2025-5064	Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	137.0.7151.55-2 Affected by 0 other vulnerabilities. 137.0.7151.68-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-wf3e-41zq-a3h1 Aliases: CVE-2025-5283	Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)	137.0.7151.55-2 Affected by 0 other vulnerabilities. 137.0.7151.68-1~deb12u1 Affected by 0 other vulnerabilities.
VCID-wu42-vef5-xqaz Aliases: CVE-2025-5281	Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)	137.0.7151.55-2 Affected by 0 other vulnerabilities. 137.0.7151.68-1~deb12u1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-2r66-s3wx-pyh9
Aliases:
CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)