CVE-2025-0439

Published Jan 15, 2025

Last updated 22 days ago

Overview

Description
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Source
chrome-cve-admin@google.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.5
Impact score
3.6
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Severity
MEDIUM

Weaknesses

chrome-cve-admin@google.com
CWE-362
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-290

Social media

Hype score
Not currently trending