OPENSUSE-SU-2025-20135-1 Security update for mozjs128

This update for mozjs128 fixes the following issues: - Update to version 128.14.0 bsc1248162: + CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component + CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component + CVE-2025-9181: Uninitialized memo...

SUSE-SU-2025:21170-1 Security update for mozjs128

This update for mozjs128 fixes the following issues: - Update to version 128.14.0 bsc1248162: + CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component + CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component + CVE-2025-9181: Uninitialized memo...

AZL-71503 CVE-2025-66453 affecting package rhino 1.7.7.1-2

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed function, it might lead to high CPU consumption and a potential Denial of Service. Small...

CVE-2025-66453

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed function, it might lead to high CPU consumption and a potential Denial of Service. Small...

PT-2025-54573

Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in the JavaScript engine V8 used by the Google Chrome browser. This issue relates to incorrect security checks during the processing of standard elements. Successful...

EUVD-2025-200309

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

EUVD-2025-200303

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-13721

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-13630

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-13721

CVE-2025-13721 describes a race in V8 within Google Chrome prior to 143.0.7499.41 that could enable a remote attacker to trigger heap corruption via a specially crafted HTML page. Affected software is Google Chrome (V8 engine); the vulnerability stems from a race condition in V8. Reported impact ...

CVE-2025-13630

CVE-2025-13630 is a Type Confusion in V8 in Google Chrome that could enable remote heap corruption via a crafted HTML page. Affected product is Chromium/Chrome (V8 engine); the issue is fixed in a Chrome/Chromium update ≥ 143.0.7499.41 (ChromeOS notes show related patching in the 143.0.7499.x fam...

PT-2025-48755

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description A type confusion issue exists in the V8 JavaScript engine used in Google Chrome. This flaw could allow a remote attacker to potentially exploit heap corruption through a specially craft...

Google Chrome < 143.0.7499.40 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 143.0.7499.40. It is, therefore, affected by multiple vulnerabilities as referenced in the 202512stable-channel-update-for-desktop advisory. - Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41...

ROS-20251202-04

A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to reading outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to impact the availability of protected information Vulnerability in the WebApp Instal...

PT-2025-48767

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description A race condition existed in the v8 engine within Google Chrome. This could potentially allow a remote attacker to exploit heap corruption through a specially crafted HTML page. The...

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

...

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

...

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

...

Google Chrome Code Problem Vulnerability (CNVD-2025-29232)

Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...

Google Chrome Code Problem Vulnerability (CNVD-2025-29234)

Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome prior to version 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...