CVE-2025-13230 — Type Confusion in Google Chrome

CWE-843 — Type Confusion8 documents8 sources

Severity

8.8HIGHNVD

EPSS

0.1%

top 73.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Chromium

Timeline

PublishedNov 18

Description

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5google/chrome142.0.7444.59 — 142.0.7444.59

▶NVDgoogle/chrome< 142.0.7444.59+1

▶Debianchromium/chromium< 142.0.7444.59-1~deb12u1+2

🔴Vulnerability Details

OSV

CVE-2025-13230: Type Confusion in V8 in Google Chrome prior to 142↗2025-11-18

▶

GHSA

GHSA-7j89-h34h-hg85: Type Confusion in V8 in Google Chrome prior to 142↗2025-11-18

▶

CVEList

CVE-2025-13230: Type Confusion in V8 in Google Chrome prior to 142↗2025-11-17

▶

📋Vendor Advisories

Red Hat

chromium-browser: Type Confusion in V8↗2025-11-17

▶

Microsoft

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)↗2025-11-11

▶

Chrome

Stable Channel Update for Desktop: CVE-2025-13229↗2025-10-28

▶

Debian

CVE-2025-13230: chromium - Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote at...↗2025

▶