Information Disclosure Vulnerability in Google Chrome
CVE-2025-1921

6.5MEDIUM

Key Information:

Vendor
Google
Status
Chrome
Vendor
CVE Published:
5 March 2025

Summary

An inappropriate implementation in the Media Stream component of Google Chrome prior to version 134.0.6998.35 could potentially allow a remote attacker to gain unauthorized access to sensitive information pertaining to a user's peripheral devices through a specially crafted HTML page.

Affected Version(s)

Chrome 134.0.6998.35

References

https://chromereleases.googleblog.com/2025/03/stable-chan...
https://issues.chromium.org/issues/387583503

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.