PAN-SA-2025-0007 Chromium: Monthly Vulnerability Update (March 2025)

Urgency MODERATE

Severity 7.6 · HIGH
Exploit Maturity UNREPORTED
Response Effort LOW
Recovery USER
Value Density DIFFUSE
Attack Vector NETWORK
Attack Complexity LOW
Attack Requirements NONE
Automatable NO
User Interaction ACTIVE
Product Confidentiality HIGH
Product Integrity HIGH
Product Availability HIGH
Privileges Required NONE
Subsequent Confidentiality HIGH
Subsequent Integrity HIGH
Subsequent Availability HIGH

Description

Palo Alto Networks incorporated the following Chromium security fixes into our products:

CVE             Summary
CVE-2025-0995   Use after free in V8
CVE-2025-0996   Inappropriate implementation in Browser UI
CVE-2025-0997   Use after free in Navigation
CVE-2025-0998   Out of bounds memory access in V8
CVE-2025-0999   Heap buffer overflow in V8
CVE-2025-1006   Use after free in Network
CVE-2025-1426   Heap buffer overflow in GPU
CVE-2025-1914   Out of bounds read in V8
CVE-2025-1915   Improper Limitation of a Pathname to a Restricted Directory in DevTools
CVE-2025-1916   Use after free in Profiles
CVE-2025-1917   Inappropriate implementation in Browser UI
CVE-2025-1918   Out of bounds read in PDFium
CVE-2025-1919   Out of bounds read in Media
CVE-2025-1921   Inappropriate implementation in Media Stream
CVE-2025-1922   Inappropriate implementation in Selection
CVE-2025-1923   Inappropriate implementation in Permission Prompts

Product Status

Versions                Affected         Unaffected
Prisma Access Browser   < 133.16.4.99    >= 134.7.4.44

Required Configuration for Exposure

No special configuration is required to be affected by this issue.

Severity: HIGH, Suggested Urgency: MODERATE

CVSS-BT: 7.6 / CVSS-B: 9.4 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/AU:N/R:U/V:D/RE:L/U:Amber)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Solution

CVE             Prisma Access Browser
CVE-2025-0995   133.16.4.99
CVE-2025-0996   133.16.4.99
CVE-2025-0997   133.16.4.99
CVE-2025-0998   133.16.4.99
CVE-2025-0999   133.27.6.127
CVE-2025-1006   133.27.6.127
CVE-2025-1426   133.27.6.127
CVE-2025-1914   134.7.4.44
CVE-2025-1915   134.7.4.44
CVE-2025-1916   134.7.4.44
CVE-2025-1917   134.7.4.44
CVE-2025-1918   134.7.4.44
CVE-2025-1919   134.7.4.44
CVE-2025-1921   134.7.4.44
CVE-2025-1922   134.7.4.44
CVE-2025-1923   134.7.4.44
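
The fixes listed under Solution landed in three different builds, so a browser that has been partially updated can still be exposed to the later CVEs. The following is an added example, not part of the Palo Alto Networks advisory, that reports which of the listed CVEs remain open for a given installed build. It assumes version strings are four numeric components compared left to right, and that a build below a CVE's fixed version is still exposed to it; the inventory and host names are constructed.

```python
# Fixed-in builds copied from this advisory's Solution section.
FIXED_IN = {
    "133.16.4.99": ["CVE-2025-0995", "CVE-2025-0996", "CVE-2025-0997", "CVE-2025-0998"],
    "133.27.6.127": ["CVE-2025-0999", "CVE-2025-1006", "CVE-2025-1426"],
    "134.7.4.44": ["CVE-2025-1914", "CVE-2025-1915", "CVE-2025-1916",
                   "CVE-2025-1917", "CVE-2025-1918", "CVE-2025-1919",
                   "CVE-2025-1921", "CVE-2025-1922", "CVE-2025-1923"],
}

def parse_version(text):
    """Turn '133.27.6.127' into (133, 27, 6, 127); reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part numeric version: {text!r}")
    return tuple(int(p) for p in parts)

def unpatched_cves(installed):
    """Return the advisory's CVEs not yet fixed in the installed build, sorted."""
    # Assumption: any build below a CVE's fixed-in build is still exposed to it.
    have = parse_version(installed)
    return sorted(cve for fixed, cves in FIXED_IN.items()
                  if have < parse_version(fixed) for cve in cves)

def audit(inventory):
    """Map host -> open CVEs; an unreadable version yields None, not a silent pass."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = unpatched_cves(version)
        except ValueError:
            report[host] = None  # unknown build: needs manual review
    return report

# Constructed sample inventory (host names and builds are illustrative).
SAMPLE_INVENTORY = {
    "laptop-a": "132.9.1.10",
    "laptop-b": "133.16.4.99",
    "laptop-c": "133.27.6.127",
    "laptop-d": "134.7.4.44",
    "laptop-e": "unknown",
}

if __name__ == "__main__":
    for host, cves in audit(SAMPLE_INVENTORY).items():
        print(host, "unreadable version" if cves is None else cves or "fully patched")
```

Tuple comparison avoids the string-ordering mistake where "133.100.0.0" would sort before "133.27.6.127".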

Workarounds and Mitigations

No workaround or mitigation is available.

Timeline

Initial publication
© 2025 Palo Alto Networks, Inc. All rights reserved.