Inappropriate Implementation in Navigations in Google Chrome Affects User Security
CVE-2025-3071

Currently unrated

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 2 April 2025

Summary

A vulnerability in Google Chrome's handling of navigations prior to version 135.0.7049.52 allows remote attackers to exploit specific UI gestures. By enticing users to interact with a crafted HTML page, an attacker can bypass the same origin policy, leading to potentially unauthorized access to sensitive data or resources. It underscores the importance of keeping browser versions updated to mitigate security risks associated with user interface interactions.

Affected Version(s)

Chrome 135.0.7049.52

References

https://chromereleases.googleblog.com/2025/04/stable-chan...

https://issues.chromium.org/issues/40051596

Timeline

Vulnerability published
Apr 2, 2025
Vulnerability Reserved
Mar 31, 2025