PT-2025-46575 · Google+3 · Google Chrome+3
Published
2025-11-11
·
Updated
2026-02-17
·
CVE-2025-13042
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 142.0.7444.166
Chromium versions prior to 142.0.7444.162-1deb12u1 (Debian bookworm)
Chromium versions prior to 142.0.7444.162-1deb13u1 (Debian trixie)
Chromium versions prior to 142.0.7444.162-alt0.p11.1
Description
A flaw exists in the V8 JavaScript engine within Google Chrome and Chromium. This issue, described as an "inappropriate implementation," leads to heap corruption when processing specifically crafted HTML pages. A remote attacker can potentially exploit this to cause heap corruption. The vulnerability is present in versions prior to 142.0.7444.166.
Recommendations
Google Chrome versions prior to 142.0.7444.166: Update to version 142.0.7444.166 or later.
Chromium versions prior to 142.0.7444.162-1deb12u1 (Debian bookworm): Upgrade to version 142.0.7444.162-1deb12u1 or later.
Chromium versions prior to 142.0.7444.162-1deb13u1 (Debian trixie): Upgrade to version 142.0.7444.162-1deb13u1 or later.
Chromium versions prior to 142.0.7444.162-alt0.p11.1: Update to version 142.0.7444.162-alt0.p11.1 or later.
Fix
RCE
Memory Corruption
Improperly Implemented Security Check for Standard
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Debian
Google Chrome
Red Os