CVE-2025-13107

Опубликовано: 14 нояб. 2025

Источник: redhat

CVSS3: 4.3

EPSS Низкий

Описание

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-1021

https://bugzilla.redhat.com/show_bug.cgi?id=2414975chromium-browser: Inappropriate implementation in Compositing

EPSS

Процентиль: 33%

0.00136

Низкий

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2025-13107

CVSS3: 4.3

ubuntu

5 месяцев назад

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

CVE-2025-13107

CVSS3: 4.3

nvd

5 месяцев назад

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

CVE-2025-13107

CVSS3: 4.3

debian

5 месяцев назад

Inappropriate implementation in Compositing in Google Chrome prior to ...

GHSA-hwc8-vf72-jqqw

CVSS3: 4.3

github

5 месяцев назад

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

BDU:2025-14878

CVSS3: 4.3

fstec

9 месяцев назад

Уязвимость компонента Compositing браузера Google Chrome, позволяющая нарушителю подменить пользовательский интерфейс

EPSS

Процентиль: 33%

0.00136

Низкий

4.3 Medium

CVSS3