{"dataType": "CVE_RECORD", "containers": {"adp": [{"metrics": [{"other": {"type": "Unknown", "content": {"data": "{\"description\":\"not yet assigned\"}"}}}], "affected": [{"vendor": "debian", "product": "chromium", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-common", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-common-dbgsym", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-dbgsym", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-driver", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-l10n", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-sandbox", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-sandbox-dbgsym", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-shell", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium-shell-dbgsym", "platforms": ["bullseye"], "defaultStatus": "affected"}, {"vendor": "debian", "product": "chromium", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-common", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-common-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-headless-shell", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-headless-shell-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-l10n", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-sandbox", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-sandbox-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-shell", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-shell-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1~deb12u1", "versionType": "deb"}], "platforms": ["bookworm"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-common", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-common-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-driver", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-headless-shell", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-headless-shell-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-l10n", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-sandbox", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-sandbox-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-shell", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}, {"vendor": "debian", "product": "chromium-shell-dbgsym", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113-1", "versionType": "deb"}], "platforms": ["forky", "sid", "trixie"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-tracker.debian.org/tracker/CVE-2025-4664"}], "descriptions": [{"lang": "en", "value": "Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)"}], "providerMetadata": {"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian", "dateUpdated": "2025-05-15T00:00:00.000Z", "x_subShortName": "debian"}}, {"metrics": [{"other": {"type": "Unknown", "content": {"data": "{\"description\":\"high\"}"}}}], "affected": [{"vendor": "fedora", "product": "chromium", "versions": [{"status": "affected", "version": "0", "lessThan": "0:136.0.7103.113-1.fc41", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:41"], "defaultStatus": "unaffected"}, {"vendor": "fedora", "product": "chromium", "versions": [{"status": "affected", "version": "0", "lessThan": "0:136.0.7103.113-1.fc42", "versionType": "rpm"}], "platforms": ["cpe:/o:fedoraproject:fedora:42"], "defaultStatus": "unaffected"}], "references": [{"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-9b9b36bc72"}, {"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-bd02634055"}], "descriptions": [{"lang": "en", "value": "Update to 136.0.7103.113\n\n  * CVE-2025-4664: Insufficient policy enforcement in Loader\n  * CVE-2025-4609: Incorrect handle provided in unspecified circumstances in Mojo"}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2025-05-18T01:09:04Z", "x_subShortName": "fedora"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"cpes": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "vendor": "google", "product": "chrome", "versions": [{"status": "affected", "version": "0", "lessThan": "136.0.7103.113", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://issues.chromium.org/issues/415810136", "tags": ["permissions-required"]}, {"url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html", "tags": ["release-notes"]}], "descriptions": [{"lang": "en", "value": "Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)"}, {"lang": "es", "value": "La aplicación insuficiente de políticas en Loader en Google Chrome anterior a la versión 136.0.7103.113 permitió que un atacante remoto filtrara datos de origen cruzado mediante una página HTML manipulada. (Severidad de seguridad de Chromium: Alta)"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "NVD-CWE-noinfo"}]}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000003", "shortName": "nvd", "dateUpdated": "2025-05-14T18:15:33Z", "x_subShortName": "nvd"}}}, "cveMetadata": {"cveId": "CVE-2025-4664", "state": "PUBLISHED", "dateUpdated": "2025-06-06T01:00:02Z", "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "datePublished": "2025-05-14T18:15:33Z", "assignerShortName": "Chrome"}, "dataVersion": "5.0"}