CVE

DEBIAN-CVE-2025-12907

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools.

Back to all

CVE

DEBIAN-CVE-2025-12907

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools.

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Related Resources

No items found.

References

https://security-tracker.debian.org/tracker/CVE-2025-12907

Severity

8.8

CVSS Score

Basic Information

Ecosystem

Base CVSS

8.8

EPSS Probability

EPSS Percentile

Introduced Version

Fix Available

140.0.7339.80-1~deb12u1,140.0.7339.80-1~deb13u1,140.0.7339.80-1

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

DEBIAN-CVE-2025-12907

DEBIAN-CVE-2025-12907

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

8.8

Basic Information

Fix Critical Vulnerabilities Instantly