CVE-2025-5064 | Google Chrome up to 136.0.7103.113 Background Fetch API cross-domain policy

Inserito da Angelo Barbosa | Mag 27, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Google Chrome. Affected by this issue is some unknown functionality of the component Background Fetch API. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability is handled as CVE-2025-5064. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-5064 | Google Chrome up to 136.0.7103.113 Background Fetch API cross-domain policy

Post correlati

CVE-2024-28135 | Phoenix Contact CHARX SEC-3150 up to 1.5.1 API injection (VDE-2024-019)

CVE-2023-6307 | jeecgboot JimuReport up to 1.6.1 /download/image imageUrl path traversal

CVE-2023-48642 | Archer Platform up to 6.13 P1 cross site scripting

CVE-2024-43808 | JetBrains TeamCity up to 2024.07 HashiCorp Vault Vlugin cross site scripting