CVE-2025-0448

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 15, 2025

CWE ID 79

Summary

CVE-2025-0448 refers to a low-severity vulnerability in Google Chrome's Compositing feature, which was present before version 132.0.6834.83. The issue stems from an inappropriate implementation, allowing a remote attacker to execute UI (User Interface) spoofing attacks through a specially crafted HTML page. This means that the attacker could trick users into entering sensitive information or performing unintended actions by manipulating the appearance of web content.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2chMiS
https://www.cve.org/CVERecord?id=CVE-2025-0448
https://nvd.nist.gov/vuln/detail/CVE-2025-0448

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2025-0448

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations