GHSA-f87w-3j5w-v58p: CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
https://nvd.nist.gov/vuln/detail/CVE-2025-2783 https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html https://issues.chromium.org/issues/405143032
References
- chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
- github.com/advisories/GHSA-f87w-3j5w-v58p
- github.com/cefsharp/CefSharp
- github.com/cefsharp/CefSharp/releases/tag/v134.3.90
- github.com/cefsharp/CefSharp/security/advisories/GHSA-f87w-3j5w-v58p
- issues.chromium.org/issues/405143032
- nvd.nist.gov/vuln/detail/CVE-2025-2783
Code Behaviors & Features
Detect and mitigate GHSA-f87w-3j5w-v58p with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →