Chromium Security Update (MINDBREEZE34330)
ID: MINDBREEZE34330
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS
Severity: 6.8 Medium
Status: Final
First published: April 28, 2025
CVEs: CVE-2025-0444, CVE-2025-0445, CVE-2025-0995, CVE-2025-0996, CVE-2025-0997, CVE-2025-0998, CVE-2025-0999, CVE-2025-1426, CVE-2025-1006, CVE-2025-1914, CVE-2025-1916, CVE-2025-1917, CVE-2025-1918, CVE-2025-1919, CVE-2025-1921, CVE-2025-1922, CVE-2025-1923, CVE-2025-1920, CVE-2025-2135, CVE-2025-2137, CVE-2025-2476, Chromium internal issue: 396481096
Summary
- chromium - Component: Use after free in V8.
- chromium - Component: Heap buffer overflow in V8.
- chromium - Component: Out of bounds memory access in V8.
- chromium - Component: Out of bounds read in V8.
- chromium - Component: Type Confusion in V8.
- chromium - Component: Heap buffer overflow in GPU.
- chromium - Component: Use after free in Network.
- chromium - Component: Use after free in Navigation.
- chromium - Component: Use after free in Profiles.
- chromium - Component: Use after free in Skia.
- chromium - Component: Out of bounds read in PDFium.
- chromium - Component: Out of bounds read in Media.
- chromium - Component: Inappropriate Implementation in Media Stream.
- chromium - Component: Inappropriate Implementation in Selection.
- chromium - Component: Inappropriate Implementation in Permission Prompts.
- chromium - Component: Inappropriate Implementation in Browser UI.
Hotfix Information
Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:
- Mindbreeze InSpire 25.2 Release
- Mindbreeze InSpire Saas 25.2 Release