CVE

CVE-2025-14174

Google Chrome: chromium: webkitgtk: Out of bounds memory access via crafted HTML page (important)

CVE

CVE-2025-14174

Google Chrome: chromium: webkitgtk: Out of bounds memory access via crafted HTML page (important)

DOCUMENTATION: A flaw was found in ANGLE in Google Chrome. This vulnerability allows a remote attacker to perform out of bounds memory access via a crafted HTML (HyperText Markup Language) page. Although this was reported on Google Chrome, this issue also affected the WebKitGTK package with the same possible outcome.

STATEMENT: This vulnerability is rated as Important by the Red Hat Product Security. A maliciously crafted web page may lead to out of bound memory access, specially in WebKitGTK component, and may be leverage to perform a remote code execution. For an attack be successfully performed, the user needs to be tricked to visit the malicious web page using the affected component.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

8.8

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Related Resources

No items found.

References

https://access.redhat.com/security/cve/CVE-2025-14174

Severity

0

CVSS Score

Basic Information

Ecosystem

Base CVSS

EPSS Probability

0.00668%

EPSS Percentile

0.70742%

Introduced Version

Fix Available

0:2.50.4-1.el8_10,0:2.50.4-1.el9_7,2.50.4-1~deb13u1,2.50.4-1~deb12u1,2.50.4-1~deb11u1,0:2.50.4-0ubuntu0.24.04.1,0:2.50.4-0ubuntu0.22.04.1,6.10.1-r1

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2025-14174

CVE-2025-14174

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

0

Basic Information

Fix Critical Vulnerabilities Instantly