exploitDog

CVE-2025-1566

Опубликовано: 16 апр. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.

Ссылки

https://issues.chromium.org/issues/b/342802975
Broken Link
https://issuetracker.google.com/issues/342802975
Issue Tracking
Mailing List

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:chrome_os:16002.23.0:*:*:*:*:*:*:*

EPSS

Процентиль: 10%

0.00036

Низкий

7.5 High

CVSS3

Дефекты

CWE-1319

Связанные уязвимости

GHSA-gm22-hqvw-7j52

CVSS3: 7.5

github

10 месяцев назад

DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 129.0.6668.36 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.

EPSS

Процентиль: 10%

0.00036

Низкий

7.5 High

CVSS3

Дефекты

CWE-1319