VULNERABILITY

Debian: CVE-2025-24201: chromium -- security update

Try Surface Command Get a continuous 360° view of your attack surface
Gartner Peer insights
4.4 Gartner Rating
Back to Search

Debian: CVE-2025-24201: chromium -- security update

Severity
7
CVSS
(AV:N/AC:H/Au:S/C:C/I:C/A:C)
Published
03/11/2025
Created
03/15/2025
Added
03/14/2025
Modified
03/14/2025

Description

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).

Solution(s)

  • debian-upgrade-chromium

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial WATCH DEMO

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;