Vulnerability-Lookup

CVE-2025-13638 (GCVE-0-2025-13638)

Vulnerability from cvelistv5 – Published: 2025-12-02 19:00 – Updated: 2026-02-26 16:57

Summary

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use after free

Assigner

Chrome

References

2 references

URL	Tags
https://chromereleases.googleblog.com/2025/12/sta…
https://issues.chromium.org/issues/448046109

Impacted products

1 product

Vendor	Product	Version
Google	Chrome	Affected: 143.0.7499.41 , < 143.0.7499.41 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-13638",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-03T04:55:43.938987Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T16:57:39.319Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "143.0.7499.41",
              "status": "affected",
              "version": "143.0.7499.41",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use after free",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-02T19:00:15.167Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html"
        },
        {
          "url": "https://issues.chromium.org/issues/448046109"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2025-13638",
    "datePublished": "2025-12-02T19:00:15.167Z",
    "dateReserved": "2025-11-24T23:26:26.147Z",
    "dateUpdated": "2026-02-26T16:57:39.319Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-13638",
      "date": "2026-05-28",
      "epss": "0.00105",
      "percentile": "0.28175"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-13638\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2025-12-02T19:15:48.480\",\"lastModified\":\"2025-12-04T19:20:42.487\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"chrome-cve-admin@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"143.0.7499.40\",\"matchCriteriaId\":\"28874374-C1B5-4638-BCCD-0AC4F1DAA6EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"143.0.7499.40\",\"matchCriteriaId\":\"28874374-C1B5-4638-BCCD-0AC4F1DAA6EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://issues.chromium.org/issues/448046109\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-13638\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-03T04:55:43.938987Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-02T19:37:03.837Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Google\", \"product\": \"Chrome\", \"versions\": [{\"status\": \"affected\", \"version\": \"143.0.7499.41\", \"lessThan\": \"143.0.7499.41\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html\"}, {\"url\": \"https://issues.chromium.org/issues/448046109\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"cweId\": \"CWE-416\", \"description\": \"Use after free\"}]}], \"providerMetadata\": {\"orgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"shortName\": \"Chrome\", \"dateUpdated\": \"2025-12-02T19:00:15.167Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-13638\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-26T16:57:39.319Z\", \"dateReserved\": \"2025-11-24T23:26:26.147Z\", \"assignerOrgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"datePublished\": \"2025-12-02T19:00:15.167Z\", \"assignerShortName\": \"Chrome\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2025-AVI-1058

Vulnerability from certfr_avis - Published: 2025-12-03 - Updated: 2025-12-03

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome versions antérieures à 143.0.7499.40/41 pour Windows et Mac
	Google	Chrome	Chrome versions antérieures à 143.0.7499.40 pour Linux

References

Title

Publication Time

Tags

Bulletin de sécurité Google Chrome

2025-12-02

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 143.0.7499.40/41 pour Windows et Mac",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 143.0.7499.40 pour Linux",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-13720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13720"
    },
    {
      "name": "CVE-2025-13638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13638"
    },
    {
      "name": "CVE-2025-13633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13633"
    },
    {
      "name": "CVE-2025-13636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13636"
    },
    {
      "name": "CVE-2025-13637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13637"
    },
    {
      "name": "CVE-2025-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13630"
    },
    {
      "name": "CVE-2025-13634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13634"
    },
    {
      "name": "CVE-2025-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13632"
    },
    {
      "name": "CVE-2025-13640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13640"
    },
    {
      "name": "CVE-2025-13635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13635"
    },
    {
      "name": "CVE-2025-13639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13639"
    },
    {
      "name": "CVE-2025-13721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13721"
    },
    {
      "name": "CVE-2025-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13631"
    }
  ],
  "initial_release_date": "2025-12-03T00:00:00",
  "last_revision_date": "2025-12-03T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1058",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": "2025-12-02",
      "title": "Bulletin de s\u00e9curit\u00e9 Google Chrome",
      "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html"
    }
  ]
}

CERTFR-2025-AVI-1069

Vulnerability from certfr_avis - Published: 2025-12-05 - Updated: 2025-12-05

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Microsoft	Edge	Microsoft Edge versions antérieures à 143.0.3650.66

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Edge CVE-2025-13635	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13638	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13720	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13639	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-62223	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13634	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13630	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13640	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13631	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13721	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13636	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13633	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13637	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13632	2025-12-04	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge versions ant\u00e9rieures \u00e0 143.0.3650.66",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-13720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13720"
    },
    {
      "name": "CVE-2025-13638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13638"
    },
    {
      "name": "CVE-2025-13633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13633"
    },
    {
      "name": "CVE-2025-13636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13636"
    },
    {
      "name": "CVE-2025-13637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13637"
    },
    {
      "name": "CVE-2025-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13630"
    },
    {
      "name": "CVE-2025-13634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13634"
    },
    {
      "name": "CVE-2025-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13632"
    },
    {
      "name": "CVE-2025-13640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13640"
    },
    {
      "name": "CVE-2025-13635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13635"
    },
    {
      "name": "CVE-2025-13639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13639"
    },
    {
      "name": "CVE-2025-13721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13721"
    },
    {
      "name": "CVE-2025-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13631"
    },
    {
      "name": "CVE-2025-62223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62223"
    }
  ],
  "initial_release_date": "2025-12-05T00:00:00",
  "last_revision_date": "2025-12-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1069",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge. Elles permettent \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13635",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13635"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13638",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13638"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13720",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13720"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13639",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13639"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-62223",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62223"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13634",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13634"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13630",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13630"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13640",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13640"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13631",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13631"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13721",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13721"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13636",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13636"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13633",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13633"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13637",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13637"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13632",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13632"
    }
  ]
}

CERTFR-2026-AVI-0049

Vulnerability from certfr_avis - Published: 2026-01-15 - Updated: 2026-01-15

De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et un contournement de la politique de sécurité.

Palo Alto Networks a connaissance d'une preuve de concept pour la vulnérabilité CVE-2026-0227.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.7-x antérieures à 11.2.7-h8
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.10-x antérieures à 10.2.10-h30
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.4-x antérieures à 11.1.4-h27
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.13-x antérieures à 10.2.13-h18
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.16-x antérieures à 10.2.16-h6
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.18-x antérieures à 10.2.18-h1
Palo Alto Networks	PAN-OS	PAN-OS versions 10.1.x antérieures à 10.1.14-h20
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.7-x antérieures à 10.2.7-h32
Palo Alto Networks	PAN-OS	PAN-OS versions antérieures à 11.1.13
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.6-x antérieures à 11.1.6-h23
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.10-x antérieures à 11.1.10-h9
Palo Alto Networks	Prisma Access	Prisma Access versions 11.2 antérieures à 11.2.7-h8
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.x antérieures à 12.1.3-h3
Palo Alto Networks	Prisma Access	Prisma Access versions 10.2 antérieures à 10.2.10-h29
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.4-x antérieures à 11.2.4-h15
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.10-x antérieures à 11.2.10-h2
Palo Alto Networks	Prisma Access Browser	Prisma Browser antérieures à 143.37.2.193
Palo Alto Networks	PAN-OS	PAN-OS versions antérieures à 12.1.4

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks PAN-SA-2026-0001	2026-01-14	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0227	2026-01-14	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PAN-OS versions 11.2.7-x ant\u00e9rieures \u00e0 11.2.7-h8",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.10-x ant\u00e9rieures \u00e0 10.2.10-h30",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.4-x ant\u00e9rieures \u00e0 11.1.4-h27",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.13-x ant\u00e9rieures \u00e0 10.2.13-h18",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.16-x ant\u00e9rieures \u00e0  10.2.16-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.18-x ant\u00e9rieures \u00e0 10.2.18-h1",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.1.x ant\u00e9rieures \u00e0 10.1.14-h20",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.7-x ant\u00e9rieures \u00e0 10.2.7-h32",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions ant\u00e9rieures \u00e0 11.1.13",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.6-x ant\u00e9rieures \u00e0 11.1.6-h23",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.10-x ant\u00e9rieures \u00e0 11.1.10-h9",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 11.2 ant\u00e9rieures \u00e0 11.2.7-h8",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 12.1.x ant\u00e9rieures \u00e0 12.1.3-h3",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 10.2 ant\u00e9rieures \u00e0 10.2.10-h29",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.4-x ant\u00e9rieures \u00e0 11.2.4-h15",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.10-x ant\u00e9rieures \u00e0 11.2.10-h2",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Browser ant\u00e9rieures \u00e0 143.37.2.193",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions ant\u00e9rieures \u00e0 12.1.4",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-13720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13720"
    },
    {
      "name": "CVE-2025-13638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13638"
    },
    {
      "name": "CVE-2025-13633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13633"
    },
    {
      "name": "CVE-2025-13636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13636"
    },
    {
      "name": "CVE-2025-13637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13637"
    },
    {
      "name": "CVE-2025-14372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14372"
    },
    {
      "name": "CVE-2025-14766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14766"
    },
    {
      "name": "CVE-2025-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13630"
    },
    {
      "name": "CVE-2025-13634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13634"
    },
    {
      "name": "CVE-2025-13223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13223"
    },
    {
      "name": "CVE-2025-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13632"
    },
    {
      "name": "CVE-2025-12726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12726"
    },
    {
      "name": "CVE-2025-13640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13640"
    },
    {
      "name": "CVE-2025-14373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14373"
    },
    {
      "name": "CVE-2026-0227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0227"
    },
    {
      "name": "CVE-2025-13635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13635"
    },
    {
      "name": "CVE-2025-12725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12725"
    },
    {
      "name": "CVE-2025-14174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14174"
    },
    {
      "name": "CVE-2025-14765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14765"
    },
    {
      "name": "CVE-2025-13639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13639"
    },
    {
      "name": "CVE-2025-13224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13224"
    },
    {
      "name": "CVE-2025-13042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13042"
    },
    {
      "name": "CVE-2025-13721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13721"
    },
    {
      "name": "CVE-2025-12729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12729"
    },
    {
      "name": "CVE-2026-0628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0628"
    },
    {
      "name": "CVE-2025-12728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12728"
    },
    {
      "name": "CVE-2025-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13631"
    },
    {
      "name": "CVE-2025-12727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12727"
    }
  ],
  "initial_release_date": "2026-01-15T00:00:00",
  "last_revision_date": "2026-01-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0049",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-01-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n\nPalo Alto Networks a connaissance d\u0027une preuve de concept pour la vuln\u00e9rabilit\u00e9 CVE-2026-0227.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2026-01-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2026-0001",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2026-0001"
    },
    {
      "published_at": "2026-01-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0227",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0227"
    }
  ]
}

CERTFR-2025-AVI-1058

Vulnerability from certfr_avis - Published: 2025-12-03 - Updated: 2025-12-03

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome versions antérieures à 143.0.7499.40/41 pour Windows et Mac
	Google	Chrome	Chrome versions antérieures à 143.0.7499.40 pour Linux

References

Title

Publication Time

Tags

Bulletin de sécurité Google Chrome

2025-12-02

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 143.0.7499.40/41 pour Windows et Mac",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 143.0.7499.40 pour Linux",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-13720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13720"
    },
    {
      "name": "CVE-2025-13638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13638"
    },
    {
      "name": "CVE-2025-13633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13633"
    },
    {
      "name": "CVE-2025-13636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13636"
    },
    {
      "name": "CVE-2025-13637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13637"
    },
    {
      "name": "CVE-2025-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13630"
    },
    {
      "name": "CVE-2025-13634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13634"
    },
    {
      "name": "CVE-2025-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13632"
    },
    {
      "name": "CVE-2025-13640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13640"
    },
    {
      "name": "CVE-2025-13635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13635"
    },
    {
      "name": "CVE-2025-13639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13639"
    },
    {
      "name": "CVE-2025-13721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13721"
    },
    {
      "name": "CVE-2025-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13631"
    }
  ],
  "initial_release_date": "2025-12-03T00:00:00",
  "last_revision_date": "2025-12-03T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1058",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": "2025-12-02",
      "title": "Bulletin de s\u00e9curit\u00e9 Google Chrome",
      "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html"
    }
  ]
}

CERTFR-2025-AVI-1069

Vulnerability from certfr_avis - Published: 2025-12-05 - Updated: 2025-12-05

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Microsoft	Edge	Microsoft Edge versions antérieures à 143.0.3650.66

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Edge CVE-2025-13635	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13638	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13720	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13639	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-62223	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13634	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13630	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13640	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13631	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13721	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13636	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13633	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13637	2025-12-04	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2025-13632	2025-12-04	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge versions ant\u00e9rieures \u00e0 143.0.3650.66",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-13720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13720"
    },
    {
      "name": "CVE-2025-13638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13638"
    },
    {
      "name": "CVE-2025-13633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13633"
    },
    {
      "name": "CVE-2025-13636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13636"
    },
    {
      "name": "CVE-2025-13637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13637"
    },
    {
      "name": "CVE-2025-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13630"
    },
    {
      "name": "CVE-2025-13634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13634"
    },
    {
      "name": "CVE-2025-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13632"
    },
    {
      "name": "CVE-2025-13640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13640"
    },
    {
      "name": "CVE-2025-13635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13635"
    },
    {
      "name": "CVE-2025-13639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13639"
    },
    {
      "name": "CVE-2025-13721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13721"
    },
    {
      "name": "CVE-2025-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13631"
    },
    {
      "name": "CVE-2025-62223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62223"
    }
  ],
  "initial_release_date": "2025-12-05T00:00:00",
  "last_revision_date": "2025-12-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1069",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge. Elles permettent \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13635",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13635"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13638",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13638"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13720",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13720"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13639",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13639"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-62223",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62223"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13634",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13634"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13630",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13630"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13640",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13640"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13631",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13631"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13721",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13721"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13636",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13636"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13633",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13633"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13637",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13637"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2025-13632",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13632"
    }
  ]
}

CERTFR-2026-AVI-0049

Vulnerability from certfr_avis - Published: 2026-01-15 - Updated: 2026-01-15

Palo Alto Networks a connaissance d'une preuve de concept pour la vulnérabilité CVE-2026-0227.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.7-x antérieures à 11.2.7-h8
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.10-x antérieures à 10.2.10-h30
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.4-x antérieures à 11.1.4-h27
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.13-x antérieures à 10.2.13-h18
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.16-x antérieures à 10.2.16-h6
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.18-x antérieures à 10.2.18-h1
Palo Alto Networks	PAN-OS	PAN-OS versions 10.1.x antérieures à 10.1.14-h20
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.7-x antérieures à 10.2.7-h32
Palo Alto Networks	PAN-OS	PAN-OS versions antérieures à 11.1.13
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.6-x antérieures à 11.1.6-h23
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.10-x antérieures à 11.1.10-h9
Palo Alto Networks	Prisma Access	Prisma Access versions 11.2 antérieures à 11.2.7-h8
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.x antérieures à 12.1.3-h3
Palo Alto Networks	Prisma Access	Prisma Access versions 10.2 antérieures à 10.2.10-h29
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.4-x antérieures à 11.2.4-h15
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.10-x antérieures à 11.2.10-h2
Palo Alto Networks	Prisma Access Browser	Prisma Browser antérieures à 143.37.2.193
Palo Alto Networks	PAN-OS	PAN-OS versions antérieures à 12.1.4

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks PAN-SA-2026-0001	2026-01-14	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2026-0227	2026-01-14	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PAN-OS versions 11.2.7-x ant\u00e9rieures \u00e0 11.2.7-h8",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.10-x ant\u00e9rieures \u00e0 10.2.10-h30",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.4-x ant\u00e9rieures \u00e0 11.1.4-h27",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.13-x ant\u00e9rieures \u00e0 10.2.13-h18",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.16-x ant\u00e9rieures \u00e0  10.2.16-h6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.18-x ant\u00e9rieures \u00e0 10.2.18-h1",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.1.x ant\u00e9rieures \u00e0 10.1.14-h20",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.7-x ant\u00e9rieures \u00e0 10.2.7-h32",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions ant\u00e9rieures \u00e0 11.1.13",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.6-x ant\u00e9rieures \u00e0 11.1.6-h23",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.10-x ant\u00e9rieures \u00e0 11.1.10-h9",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 11.2 ant\u00e9rieures \u00e0 11.2.7-h8",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 12.1.x ant\u00e9rieures \u00e0 12.1.3-h3",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 10.2 ant\u00e9rieures \u00e0 10.2.10-h29",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.4-x ant\u00e9rieures \u00e0 11.2.4-h15",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.10-x ant\u00e9rieures \u00e0 11.2.10-h2",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Browser ant\u00e9rieures \u00e0 143.37.2.193",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions ant\u00e9rieures \u00e0 12.1.4",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-13720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13720"
    },
    {
      "name": "CVE-2025-13638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13638"
    },
    {
      "name": "CVE-2025-13633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13633"
    },
    {
      "name": "CVE-2025-13636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13636"
    },
    {
      "name": "CVE-2025-13637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13637"
    },
    {
      "name": "CVE-2025-14372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14372"
    },
    {
      "name": "CVE-2025-14766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14766"
    },
    {
      "name": "CVE-2025-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13630"
    },
    {
      "name": "CVE-2025-13634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13634"
    },
    {
      "name": "CVE-2025-13223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13223"
    },
    {
      "name": "CVE-2025-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13632"
    },
    {
      "name": "CVE-2025-12726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12726"
    },
    {
      "name": "CVE-2025-13640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13640"
    },
    {
      "name": "CVE-2025-14373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14373"
    },
    {
      "name": "CVE-2026-0227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0227"
    },
    {
      "name": "CVE-2025-13635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13635"
    },
    {
      "name": "CVE-2025-12725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12725"
    },
    {
      "name": "CVE-2025-14174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14174"
    },
    {
      "name": "CVE-2025-14765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14765"
    },
    {
      "name": "CVE-2025-13639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13639"
    },
    {
      "name": "CVE-2025-13224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13224"
    },
    {
      "name": "CVE-2025-13042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13042"
    },
    {
      "name": "CVE-2025-13721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13721"
    },
    {
      "name": "CVE-2025-12729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12729"
    },
    {
      "name": "CVE-2026-0628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0628"
    },
    {
      "name": "CVE-2025-12728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12728"
    },
    {
      "name": "CVE-2025-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13631"
    },
    {
      "name": "CVE-2025-12727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12727"
    }
  ],
  "initial_release_date": "2026-01-15T00:00:00",
  "last_revision_date": "2026-01-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0049",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-01-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n\nPalo Alto Networks a connaissance d\u0027une preuve de concept pour la vuln\u00e9rabilit\u00e9 CVE-2026-0227.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2026-01-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2026-0001",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2026-0001"
    },
    {
      "published_at": "2026-01-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2026-0227",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0227"
    }
  ]
}

BDU:2025-15250

Vulnerability from fstec - Published: 02.12.2025

Title

Уязвимость компонента Media Stream браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость компонента Media Stream браузера Google Chrome связана с использованием памяти после ее освобождения. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании с помощью специально созданной HTML-страницы

Severity


                    
                      AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vendor

Сообщество свободного программного обеспечения, Fedora Project, Google Inc, ООО «Ред Софт»

Software Name

Debian GNU/Linux, Fedora EPEL, Fedora, Google Chrome, РЕД ОС (запись в едином реестре российских программ №3751)

Software Version

11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 13 (Debian GNU/Linux), epel10 (Fedora EPEL), 43 (Fedora), до 143.0.7499.41 (Google Chrome), 8.0 (РЕД ОС)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций производителя: Для Google Chrome: https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2025-13638 Для Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2025-13638 Для Ред ОС: http://repo.red-soft.ru/redos/8.0/x86_64/updates/

Reference

https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2025-13638 https://security-tracker.debian.org/tracker/CVE-2025-13638 http://repo.red-soft.ru/redos/8.0/x86_64/updates/

CWE

CWE-416

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "TO2398",
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": "TO2398 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Google Chrome",
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Fedora Project, Google Inc, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 13 (Debian GNU/Linux), epel10 (Fedora EPEL), 43 (Fedora), \u0434\u043e 143.0.7499.41 (Google Chrome), 8.0 (\u0420\u0415\u0414 \u041e\u0421)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\n\n\u0414\u043b\u044f Google Chrome:\nhttps://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2025-13638\n\n\u0414\u043b\u044f Fedora:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2025-13638\n\n\u0414\u043b\u044f \u0420\u0435\u0434 \u041e\u0421: \nhttp://repo.red-soft.ru/redos/8.0/x86_64/updates/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "02.12.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "29.01.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.12.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-15250",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-13638",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Fedora EPEL, Fedora, Google Chrome, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 13 , Fedora Project Fedora 43 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 8.0  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Media Stream \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Google Chrome, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Media Stream \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Google Chrome \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0435\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 HTML-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2025-13638\nhttps://security-tracker.debian.org/tracker/CVE-2025-13638\nhttp://repo.red-soft.ru/redos/8.0/x86_64/updates/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10.0)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8.8)"
}

CNVD-2025-30385

Vulnerability from cnvd - Published: 2025-12-09

Title

Google Chrome Media Stream释放后重用漏洞（CNVD-2025-30385）

Description

Google Chrome是由Google开发的网页浏览器。 Google Chrome Media Stream存在释放后重用漏洞，该漏洞源于重引用或使用释放后的内存，远程攻击者可利用该漏洞使应用程序崩溃。

Severity

高

Patch Name

Google Chrome Media Stream释放后重用漏洞（CNVD-2025-30385）的补丁

Patch Description

Google Chrome是由Google开发的网页浏览器。 Google Chrome Media Stream存在释放后重用漏洞，该漏洞源于重引用或使用释放后的内存，远程攻击者可利用该漏洞使应用程序崩溃。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载: https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2025-13638

Impacted products

Name
Google Chrome <143.0.7499.40

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-13638",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-13638"
    }
  },
  "description": "Google Chrome\u662f\u7531Google\u5f00\u53d1\u7684\u7f51\u9875\u6d4f\u89c8\u5668\u3002\n\nGoogle Chrome Media Stream\u5b58\u5728\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u91cd\u5f15\u7528\u6216\u4f7f\u7528\u91ca\u653e\u540e\u7684\u5185\u5b58\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d:\r\nhttps://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-30385",
  "openTime": "2025-12-09",
  "patchDescription": "Google Chrome\u662f\u7531Google\u5f00\u53d1\u7684\u7f51\u9875\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome Media Stream\u5b58\u5728\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u91cd\u5f15\u7528\u6216\u4f7f\u7528\u91ca\u653e\u540e\u7684\u5185\u5b58\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Chrome Media Stream\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\uff08CNVD-2025-30385\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Google Chrome \u003c143.0.7499.40"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-13638",
  "serverity": "\u9ad8",
  "submitTime": "2025-12-08",
  "title": "Google Chrome Media Stream\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\uff08CNVD-2025-30385\uff09"
}

FKIE_CVE-2025-13638

Vulnerability from fkie_nvd - Published: 2025-12-02 19:15 - Updated: 2025-12-04 19:20

Severity

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

References

	URL	Tags
	chrome-cve-admin@google.com	https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html	Release Notes, Vendor Advisory
	chrome-cve-admin@google.com	https://issues.chromium.org/issues/448046109	Issue Tracking, Permissions Required

Impacted products

Vendor	Product	Version
google	chrome	*
linux	linux_kernel	-
google	chrome	*
apple	macos	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28874374-C1B5-4638-BCCD-0AC4F1DAA6EC",
              "versionEndExcluding": "143.0.7499.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28874374-C1B5-4638-BCCD-0AC4F1DAA6EC",
              "versionEndExcluding": "143.0.7499.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)"
    }
  ],
  "id": "CVE-2025-13638",
  "lastModified": "2025-12-04T19:20:42.487",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-12-02T19:15:48.480",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Issue Tracking",
        "Permissions Required"
      ],
      "url": "https://issues.chromium.org/issues/448046109"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "chrome-cve-admin@google.com",
      "type": "Secondary"
    }
  ]
}

GHSA-6JXR-VC7P-9HQV

Vulnerability from github – Published: 2025-12-02 21:31 – Updated: 2025-12-02 21:31

Details

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

Severity

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-13638"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-02T19:15:48Z",
    "severity": "HIGH"
  },
  "details": "Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)",
  "id": "GHSA-6jxr-vc7p-9hqv",
  "modified": "2025-12-02T21:31:29Z",
  "published": "2025-12-02T21:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13638"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/448046109"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-13638 (GCVE-0-2025-13638)

Solutions

Solutions

Solutions

Solutions

Solutions

Solutions

Tags

Sightings

Nomenclature