Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
References
| Link | Resource |
|---|---|
| https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html | Release Notes |
| https://issues.chromium.org/issues/382540635 | Permissions Required |
Configurations
History
01 Apr 2025, 20:41
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | |
| First Time |
Google
Google chrome |
|
| References | () https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html - Release Notes | |
| References | () https://issues.chromium.org/issues/382540635 - Permissions Required |
05 Mar 2025, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
| Summary |
|
05 Mar 2025, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-05 04:15
Updated : 2025-04-01 20:41
NVD link : CVE-2025-1923
Mitre link : CVE-2025-1923
CVE.ORG link : CVE-2025-1923
JSON object : View
Products Affected
- chrome
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames