Information Disclosure Vulnerability in Google Chrome
CVE-2025-1921
6.5MEDIUM
Summary
An inappropriate implementation in the Media Stream component of Google Chrome prior to version 134.0.6998.35 could potentially allow a remote attacker to gain unauthorized access to sensitive information pertaining to a user's peripheral devices through a specially crafted HTML page.
Affected Version(s)
Chrome 134.0.6998.35
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved