{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"141.0.7390.76-bp160.1.1","chromium":"141.0.7390.76-bp160.1.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"141.0.7390.76-bp160.1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\nChromium 141.0.7390.76:\n\n  * Do not send URLs as AIM input. This is to resolve a privacy\n    concern, around passing urls to AI Mode.\n\nChromium 141.0.7390.65 (boo#1251334):\n\n  * CVE-2025-11458: Heap buffer overflow in Sync\n  * CVE-2025-11460: Use after free in Storage\n  * CVE-2025-11211: Out of bounds read in WebCodecs\n\nChromium 141.0.7390.54 (stable released 2025-09-30) (boo#1250780)\n\n  * CVE-2025-11205: Heap buffer overflow in WebGPU\n  * CVE-2025-11206: Heap buffer overflow in Video\n  * CVE-2025-11207: Side-channel information leakage in Storage\n  * CVE-2025-11208: Inappropriate implementation in Media\n  * CVE-2025-11209: Inappropriate implementation in Omnibox\n  * CVE-2025-11210: Side-channel information leakage in Tab\n  * CVE-2025-11211: Out of bounds read in Media\n  * CVE-2025-11212: Inappropriate implementation in Media\n  * CVE-2025-11213: Inappropriate implementation in Omnibox\n  * CVE-2025-11215: Off by one error in V8\n  * CVE-2025-11216: Inappropriate implementation in Storage\n  * CVE-2025-11219: Use after free in V8\n  * Various fixes from internal audits, fuzzing and other initiatives\n\nChromium 141.0.7390.37 (beta released 2025-09-24)\n\nChromium 140.0.7339.207 (boo#1250472)\n\n  * CVE-2025-10890: Side-channel information leakage in V8\n  * CVE-2025-10891: Integer overflow in V8\n  * CVE-2025-10892: Integer overflow in V8\n\n","id":"openSUSE-SU-2025:20020-1","modified":"2025-10-15T13:33:21Z","published":"2025-10-15T13:33:21Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1250472"},{"type":"REPORT","url":"https://bugzilla.suse.com/1250780"},{"type":"REPORT","url":"https://bugzilla.suse.com/1251334"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-10890"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-10891"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-10892"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11205"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11206"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11207"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11208"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11209"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11210"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11211"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11212"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11213"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11215"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11216"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11219"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11458"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11460"}],"related":["CVE-2025-10890","CVE-2025-10891","CVE-2025-10892","CVE-2025-11205","CVE-2025-11206","CVE-2025-11207","CVE-2025-11208","CVE-2025-11209","CVE-2025-11210","CVE-2025-11211","CVE-2025-11212","CVE-2025-11213","CVE-2025-11215","CVE-2025-11216","CVE-2025-11219","CVE-2025-11458","CVE-2025-11460"],"summary":"Security update for chromium","upstream":["CVE-2025-10890","CVE-2025-10891","CVE-2025-10892","CVE-2025-11205","CVE-2025-11206","CVE-2025-11207","CVE-2025-11208","CVE-2025-11209","CVE-2025-11210","CVE-2025-11211","CVE-2025-11212","CVE-2025-11213","CVE-2025-11215","CVE-2025-11216","CVE-2025-11219","CVE-2025-11458","CVE-2025-11460"]}