{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Chromium and Prisma Browser: Monthly Vulnerability Update (April 2025)"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: PAN-SA-2025-0008","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-11T00:33:55.629Z","generator":{"date":"2026-04-11T00:33:55.629Z","engine":{"name":"Vulnogram","version":"0.1.0-dev"}},"id":"PAN-SA-2025-0008","initial_release_date":"2025-04-09T16:00:00.000Z","revision_history":[{"number":"1","date":"2025-04-09T09:00:00.000Z","summary":"Initial publication"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"Prisma Browser","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/Prisma Browser<132.83.3017.1","product":{"name":"Palo Alto Networks Prisma Browser","product_id":"PANW-Prisma-Access-Browser-34"}},{"category":"product_version_range","name":"vers:generic/Prisma Browser>=134.29.5.178","product":{"name":"Palo Alto Networks Prisma Browser","product_id":"PANW-Prisma-Access-Browser-35"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2025-1920","product_status":{"fixed":["PANW-Prisma-Access-Browser-35"],"known_affected":["PANW-Prisma-Access-Browser-34"]},"notes":[{"category":"description","text":"Type Confusion in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-1920","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-1920"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2025-0008","url":"https://security.paloaltonetworks.com/PAN-SA-2025-0008"}],"threats":[{"category":"impact","description":"Type Confusion in V8"}]},{"cve":"CVE-2025-2135","product_status":{"fixed":["PANW-Prisma-Access-Browser-35"],"known_affected":["PANW-Prisma-Access-Browser-34"]},"notes":[{"category":"description","text":"Type Confusion in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-2135","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2135"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2025-0008","url":"https://security.paloaltonetworks.com/PAN-SA-2025-0008"}],"threats":[{"category":"impact","description":"Type Confusion in V8"}]},{"cve":"CVE-2025-2136","product_status":{"fixed":["PANW-Prisma-Access-Browser-35"],"known_affected":["PANW-Prisma-Access-Browser-34"]},"notes":[{"category":"description","text":"Use after free in Inspector"}],"references":[{"category":"external","summary":"NVD - CVE-2025-2136","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2136"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2025-0008","url":"https://security.paloaltonetworks.com/PAN-SA-2025-0008"}],"threats":[{"category":"impact","description":"Use after free in Inspector"}]},{"cve":"CVE-2025-2137","product_status":{"fixed":["PANW-Prisma-Access-Browser-35"],"known_affected":["PANW-Prisma-Access-Browser-34"]},"notes":[{"category":"description","text":"Out of bounds read in V8"}],"references":[{"category":"external","summary":"NVD - CVE-2025-2137","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2137"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2025-0008","url":"https://security.paloaltonetworks.com/PAN-SA-2025-0008"}],"threats":[{"category":"impact","description":"Out of bounds read in V8"}]},{"cve":"CVE-2025-2476","product_status":{"fixed":["PANW-Prisma-Access-Browser-35"],"known_affected":["PANW-Prisma-Access-Browser-34"]},"notes":[{"category":"description","text":"Use after free in Lens"}],"references":[{"category":"external","summary":"NVD - CVE-2025-2476","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2476"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2025-0008","url":"https://security.paloaltonetworks.com/PAN-SA-2025-0008"}],"threats":[{"category":"impact","description":"Use after free in Lens"}]},{"cve":"CVE-2025-2783","product_status":{"fixed":["PANW-Prisma-Access-Browser-35"],"known_affected":["PANW-Prisma-Access-Browser-34"]},"notes":[{"category":"description","text":"Incorrect handle provided in unspecified circumstances in Mojo"}],"references":[{"category":"external","summary":"NVD - CVE-2025-2783","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2783"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2025-0008","url":"https://security.paloaltonetworks.com/PAN-SA-2025-0008"}],"threats":[{"category":"impact","description":"Incorrect handle provided in unspecified circumstances in Mojo"}]},{"cve":"CVE-2025-0129","product_status":{"fixed":["PANW-Prisma-Access-Browser-35"],"known_affected":["PANW-Prisma-Access-Browser-34"]},"notes":[{"category":"description","text":"Prisma Browser: Inappropriate control behavior in Prisma Browser"}],"references":[{"category":"external","summary":"NVD - CVE-2025-0129","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-0129"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2025-0008","url":"https://security.paloaltonetworks.com/PAN-SA-2025-0008"}],"threats":[{"category":"impact","description":"Prisma Browser: Inappropriate control behavior in Prisma Browser"}]}]}