NVD - CVE-2025-8901 - NFHN Reader

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html	Chrome	Release Notes Vendor Advisory
https://issues.chromium.org/issues/435139154	Chrome	Issue Tracking Permissions Required

Change History

5 change records found show changes

Modified Analysis by NIST 9/26/2025 1:34:17 PM

Action	Type	Old Value	New Value

CVE Modified by CISA-ADP 8/28/2025 1:15:38 PM

Action	Type	Old Value	New Value
Removed	CWE	CWE-787

Initial Analysis by NIST 8/13/2025 9:07:54 PM

Action	Type	New Value
Added	CPE Configuration	AND OR cpe:2.3:a:google:chrome::::::::* versions up to (excluding) 139.0.7258.127 OR cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:o:apple:macos:-:::::::*
Added	Reference Type	Chrome: https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html Types: Release Notes, Vendor Advisory
Added	Reference Type	Chrome: https://issues.chromium.org/issues/435139154 Types: Issue Tracking, Permissions Required

Action

Type

Old Value

New Value

Added

CPE Configuration

AND
     OR
          *cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to (excluding) 139.0.7258.127
     OR
          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
          cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
          cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Added

Reference Type

Chrome: https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html Types: Release Notes, Vendor Advisory

Added

Reference Type

Chrome: https://issues.chromium.org/issues/435139154 Types: Issue Tracking, Permissions Required

CVE Modified by CISA-ADP 8/13/2025 4:15:34 PM

Action	Type	Old Value	New Value
Added	CVSS V3.1		AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CWE		CWE-787

New CVE Received from Chrome 8/12/2025 11:15:40 PM

Action	Type	New Value
Added	Description	Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Added	CWE	CWE-787
Added	Reference	https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html
Added	Reference	https://issues.chromium.org/issues/435139154