ALT-PU-2025-11919-2

BDU:2025-11453

MEDIUM6.3

Уязвимость компонента Dawn браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код

Published: 2025-09-22Modified: 2026-03-04

CVSS 3.xMEDIUM 6.3

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2025-10500

BDU:2025-11454

MEDIUM6.3

Уязвимость компонента WebRTC браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код

Published: 2025-09-22Modified: 2026-03-04

CVSS 3.xMEDIUM 6.3

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2025-10501

BDU:2025-11455

MEDIUM6.3

Уязвимость компонента ANGLE браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код

Published: 2025-09-22Modified: 2026-03-04

CVSS 3.xMEDIUM 6.3

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2025-10502

BDU:2025-11457

MEDIUM6.3

Уязвимость компонента V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код

Published: 2025-09-22Modified: 2026-03-04

CVSS 3.xMEDIUM 6.3

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2025-10585

CVE-2025-10500

HIGH8.8

Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2025-09-24Modified: 2025-09-25

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2025-10501

HIGH8.8

Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2025-09-24Modified: 2025-09-25

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2025-10502

HIGH8.8

Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)

Published: 2025-09-24Modified: 2025-09-25

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2025-10585

CRITICAL9.8

Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2025-09-24Modified: 2025-10-30

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Package update chromium in branch sisyphus

Closed issues (8)

Уязвимость компонента Dawn браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код

Уязвимость компонента WebRTC браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код

Уязвимость компонента ANGLE браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код

Уязвимость компонента V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код

Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)

Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)