[Palo Alto Networks Security Advisories] PAN-SA-2025-0007 Chromium: Monthly Vulnerability Update (March 2025)
Palo Alto Networks Security Advisories /PAN-SA-2025-0007
PAN-SA-2025-0007 Chromium: Monthly Vulnerability Update (March 2025)
Description
Palo Alto Networks incorporated the following Chromium security fixes into our products:
- https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_25.html
- https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html
- https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html
| CVE | Summary |
|---|---|
| CVE-2025-0995 | Use after free in V8 |
| CVE-2025-0996 | Inappropriate implementation in Browser UI |
| CVE-2025-0997 | Use after free in Navigation |
| CVE-2025-0998 | Out of bounds memory access in V8 |
| CVE-2025-0999 | Heap buffer overflow in V8 |
| CVE-2025-1006 | Use after free in Network |
| CVE-2025-1426 | Heap buffer overflow in GPU |
| CVE-2025-1914 | Out of bounds read in V8 |
| CVE-2025-1915 | Improper Limitation of a Pathname to a Restricted Directory in DevTools |
| CVE-2025-1916 | Use after free in Profiles |
| CVE-2025-1917 | Inappropriate implementation in Browser UI |
| CVE-2025-1918 | Out of bounds read in PDFium |
| CVE-2025-1919 | Out of bounds read in Media |
| CVE-2025-1921 | Inappropriate implementation in Media Stream |
| CVE-2025-1922 | Inappropriate implementation in Selection |
| CVE-2025-1923 | Inappropriate implementation in Permission Prompts |
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| Prisma Access Browser | < 133.16.4.99 | >= 134.7.4.44 |
Required Configuration for Exposure
No special configuration is required to be affected by this issue.
Severity:HIGH, Suggested Urgency:MODERATE
CVSS-BT:7.6 /CVSS-B:9.4 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/AU:N/R:U/V:D/RE:L/U:Amber)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Solution
| CVE | Prisma Access Browser |
|---|---|
| CVE-2025-0995 | 133.16.4.99 |
| CVE-2025-0996 | 133.16.4.99 |
| CVE-2025-0997 | 133.16.4.99 |
| CVE-2025-0998 | 133.16.4.99 |
| CVE-2025-0999 | 133.27.6.127 |
| CVE-2025-1006 | 133.27.6.127 |
| CVE-2025-1426 | 133.27.6.127 |
| CVE-2025-1914 | 134.7.4.44 |
| CVE-2025-1915 | 134.7.4.44 |
| CVE-2025-1916 | 134.7.4.44 |
| CVE-2025-1917 | 134.7.4.44 |
| CVE-2025-1918 | 134.7.4.44 |
| CVE-2025-1919 | 134.7.4.44 |
| CVE-2025-1921 | 134.7.4.44 |
| CVE-2025-1922 | 134.7.4.44 |
| CVE-2025-1923 | 134.7.4.44 |
Workarounds and Mitigations
No workaround or mitigation is available.
Timeline
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
