Base Score

MEDIUM4.3

CVE-2025-9479

Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

VectorNETWORK

Published Bychrome-cve-admin@google.com

Published DateNov 14, 2025, 03:15

Weakness Type (CWE):CWE-125

CVSS Metrics

Base Score

4.3

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

LOW

References

https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_25.html
https://issues.chromium.org/issues/390743124

Base Score

MEDIUM4.3

Weakness Type (CWE):CWE-125

CVSS Metrics

Base Score

4.3

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

LOW