INFESA-2025:0007: chromium security update (Important)

Information about definition

Identificator: INFESA-2025:0007

Type: security

Release date: 2025-10-09 13:28:13 UTC

Information about package

Chromium is an open-source web browser, powered by WebKit (Blink)

Vulnerabilities description

  • CVE-2025-10890

    Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-10891

    Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-10892

    Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Updated packages

loader icon Preparing to download...
Architecture: Download