Use After Free Vulnerability in Google Chrome DevTools
CVE-2025-0762

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 29 January 2025

Summary

A use after free vulnerability in the DevTools of Google Chrome allows remote attackers to exploit heap corruption through a specially crafted Chrome Extension. This issue affects versions prior to 132.0.6834.159, potentially allowing an attacker to manipulate memory and execute arbitrary code. Users are advised to upgrade to the latest version to mitigate this security risk.

Affected Version(s)

Chrome 132.0.6834.159

References

https://chromereleases.googleblog.com/2025/01/stable-chan...

https://issues.chromium.org/issues/384844003

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 29, 2025
Vulnerability Reserved
Jan 27, 2025