{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"136.0.7103.59-bp156.2.113.2","chromium":"136.0.7103.59-bp156.2.113.2"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP6","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"136.0.7103.59-bp156.2.113.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"136.0.7103.59-bp156.2.113.2","chromium":"136.0.7103.59-bp156.2.113.2"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"136.0.7103.59-bp156.2.113.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\n- Chromium 136.0.7103.48\n  (stable release 2025-04-29) (boo#1242153)\n  * CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11\n  * CVE-2025-4050: Out of bounds memory access in DevTools. Reported by Anonymous on 2025-04-09\n  * CVE-2025-4051: Insufficient data validation in DevTools. Reported by Daniel Fröjdendahl on 2025-03-1\n  * CVE-2025-4052: Inappropriate implementation in DevTools. Reported by vanillawebdev on 2025-03-10\n- bump esbuild from 0.24.0 to 0.25.1\n  * Fix incorrect paths in inline source maps (#4070, #4075, #4105)\n  * Fix invalid generated source maps (#4080, #4082, #4104, #4107)\n  * Fix a regression with non-file source map paths (#4078)\n  * Update Go from 1.23.5 to 1.23.7 (#4076, #4077)\n\n- Chromium 135.0.7049.114\n  (stable release 2025-04-22)\n  * stability fixes\n","id":"openSUSE-SU-2025:0145-1","modified":"2025-05-06T06:05:59Z","published":"2025-05-06T06:05:59Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IHE6M4AT6OVVDTRDDU6SOI4R4QJUUUFP/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242153"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4050"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4051"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4052"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4096"}],"related":["CVE-2025-4050","CVE-2025-4051","CVE-2025-4052","CVE-2025-4096"],"summary":"Security update for chromium","upstream":["CVE-2025-4050","CVE-2025-4051","CVE-2025-4052","CVE-2025-4096"]}