ALT Linux Team

Package chromium update in sisyphus_loongarch64 on 2025-05-14

ALT-PU-2025-6741-1

Package chromium updated to version 136.0.7103.59-alt0.port for branch sisyphus_loongarch64.

Closed vulnerabilities

Published: 2025-05-05
Modified: 2025-05-28

CVE-2025-4050

Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

References:
Published: 2025-05-05
Modified: 2025-05-28

CVE-2025-4051

Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)

References:
Published: 2025-05-05
Modified: 2025-05-28

CVE-2025-4052

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)

References:
Published: 2025-05-05
Modified: 2025-05-28

CVE-2025-4096

Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.1
Back to top