PT-2025-23034 · Google+12 · Google Chrome+12

Published

2025-05-22

·

Updated

2026-02-02

·

CVE-2025-5283

CVSS v2.0

6.4

Medium

VectorAV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 137.0.7151.55
Description The issue is related to a use after free in libvpx, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Recommendations For versions prior to 137.0.7151.55, update to version 137.0.7151.55 or later to resolve the issue.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:8341
ALSA-2025:8607
ALSA-2025:9118
ALSA-2025:9119
ALSA-2025:9120
ALT-PU-2025-11100
ALT-PU-2025-14599
ALT-PU-2025-8435
BDU:2025-06284
CESA-2025_8308
CESA-2025_8756
CESA-2025_9119
CVE-2025-5283
DLA-4191-1
DLA-4194-1
DLA-4201-1
DSA-5926-1
DSA-5928-1
DSA-5929-1
DSA-5932-1
INFSA-2025_9118
INFSA-2025_9119
MGASA-2025-0187
MGASA-2025-0266
OESA-2025-1592
OESA-2025-1650
OESA-2025-1651
OESA-2025-1652
OESA-2025-1653
OPENSUSE-SU-2025-20135-1
OPENSUSE-SU-2025:15210-1
OPENSUSE-SU-2025:15315-1
OPENSUSE-SU-2025:20135-1
RHSA-2025:8293
RHSA-2025:8308
RHSA-2025:8341
RHSA-2025:8598
RHSA-2025:8599
RHSA-2025:8607
RHSA-2025:8608
RHSA-2025:8628
RHSA-2025:8629
RHSA-2025:8630
RHSA-2025:8631
RHSA-2025:8642
RHSA-2025:8756
RHSA-2025:9071
RHSA-2025:9072
RHSA-2025:9073
RHSA-2025:9074
RHSA-2025:9075
RHSA-2025:9076
RHSA-2025:9077
RHSA-2025:9118
RHSA-2025:9119
RHSA-2025:9120
RHSA-2025:9122
RHSA-2025:9123
RHSA-2025:9124
RHSA-2025:9125
RHSA-2025:9126
RHSA-2025:9127
RHSA-2025:9128
RHSA-2025:9155
RHSA-2025:9331
RHSA-2025_8293
RHSA-2025_8308
RHSA-2025_8607
RHSA-2025_8756
RHSA-2025_9118
RHSA-2025_9119
SUSE-SU-2025:21170-1
USN-7551-1
USN-7991-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Google Chrome
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
Libvpx