GHSA-f87w-3j5w-v58p

Suggest an improvement
Source
https://github.com/advisories/GHSA-f87w-3j5w-v58p
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/04/GHSA-f87w-3j5w-v58p/GHSA-f87w-3j5w-v58p.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-f87w-3j5w-v58p
Published
2025-04-12T03:43:57Z
Modified
2025-04-12T03:56:28.897203Z
Severity
  • 8.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H CVSS Calculator
Summary
CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows
Details

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

https://nvd.nist.gov/vuln/detail/CVE-2025-2783 https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html https://issues.chromium.org/issues/405143032

Database specific 
{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-12T03:43:57Z"
}
References

Affected packages

NuGet / CefSharp.Wpf

Package

Name
CefSharp.Wpf
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Wpf

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
134.3.90

Affected versions

1.*

1.25.2-perlun0
1.25.3
1.25.4
1.25.5
1.25.6
1.25.7
1.25.8

3.*

3.29.0-pre0

31.*

31.0.0-pre1

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1
37.0.3

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190
98.1.210

99.*

99.2.90
99.2.120
99.2.140

100.*

100.0.120-pre
100.0.140
100.0.230

101.*

101.0.150
101.0.180

102.*

102.0.90
102.0.100

103.*

103.0.80
103.0.90
103.0.120

104.*

104.4.180
104.4.240

105.*

105.3.330
105.3.390

106.*

106.0.260
106.0.290

107.*

107.1.40
107.1.50
107.1.90
107.1.120

108.*

108.4.130

109.*

109.1.110

110.*

110.0.250
110.0.280
110.0.300

111.*

111.2.20
111.2.70

112.*

112.2.70
112.3.0

113.*

113.1.40
113.3.50

114.*

114.2.100
114.2.120

115.*

115.3.110
115.3.130

116.*

116.0.130
116.0.150
116.0.190
116.0.230

117.*

117.2.20
117.2.40

118.*

118.6.80

119.*

119.1.20
119.4.30

120.*

120.1.80
120.1.110
120.2.50
120.2.70

121.*

121.3.70
121.3.130

122.*

122.1.120

123.*

123.0.60

124.*

124.3.20
124.3.50
124.3.80

125.*

125.0.210

126.*

126.2.70
126.2.180

127.*

127.3.50

128.*

128.4.90

129.*

129.0.110

130.*

130.1.90

131.*

131.2.70
131.3.10
131.3.50

132.*

132.3.11

133.*

133.4.21

134.*

134.3.60

NuGet / CefSharp.Wpf.HwndHost

Package

Name
CefSharp.Wpf.HwndHost
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Wpf.HwndHost

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
134.3.90

Affected versions

83.*

83.4.20-pre

84.*

84.4.10

85.*

85.3.121
85.3.130

86.*

86.0.241

88.*

88.2.90

89.*

89.0.170

90.*

90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.260

93.*

93.1.140

94.*

94.4.50
94.4.110

95.*

95.7.141

96.*

96.0.170
96.0.180

97.*

97.1.11
97.1.61

98.*

98.1.210

99.*

99.2.90
99.2.120
99.2.140

100.*

100.0.140

101.*

101.0.150
101.0.180

102.*

102.0.90

103.*

103.0.90
103.0.120

104.*

104.4.180
104.4.240

105.*

105.3.330
105.3.390

106.*

106.0.260
106.0.290

107.*

107.1.40
107.1.90
107.1.120

108.*

108.4.130

109.*

109.1.110

110.*

110.0.250
110.0.280
110.0.300

111.*

111.2.20
111.2.70

112.*

112.2.70
112.3.0

113.*

113.1.40
113.3.50

114.*

114.2.100
114.2.120

115.*

115.3.110
115.3.130

116.*

116.0.150
116.0.230

117.*

117.2.20

118.*

118.6.80

119.*

119.1.20

120.*

120.1.80
120.1.110
120.2.50
120.2.70

121.*

121.3.70

123.*

123.0.60

124.*

124.3.20
124.3.50
124.3.80

125.*

125.0.210

126.*

126.2.70

127.*

127.3.50

128.*

128.4.90

129.*

129.0.110

130.*

130.1.90

131.*

131.2.70
131.3.50

132.*

132.3.11

133.*

133.4.21

134.*

134.3.60

NuGet / CefSharp.Wpf.NetCore

Package

Name
CefSharp.Wpf.NetCore
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Wpf.NetCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
134.3.90

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190
98.1.210

99.*

99.2.90
99.2.120
99.2.140

100.*

100.0.120-pre
100.0.140
100.0.230

101.*

101.0.150
101.0.180

102.*

102.0.90
102.0.100

103.*

103.0.80
103.0.90
103.0.120

104.*

104.4.180
104.4.240

105.*

105.3.330
105.3.390

106.*

106.0.260
106.0.290

107.*

107.1.40
107.1.50
107.1.90
107.1.120

108.*

108.4.130

109.*

109.1.110

110.*

110.0.250
110.0.280
110.0.300

111.*

111.2.20
111.2.70

112.*

112.2.70
112.3.0

113.*

113.1.40
113.3.50

114.*

114.2.100
114.2.120

115.*

115.3.110
115.3.130

116.*

116.0.130
116.0.150
116.0.190
116.0.230

117.*

117.2.20
117.2.40

118.*

118.6.80

119.*

119.1.20
119.4.30

120.*

120.1.80
120.1.110
120.2.50
120.2.70

121.*

121.3.70
121.3.130

122.*

122.1.120

123.*

123.0.60

124.*

124.3.20
124.3.50
124.3.80

125.*

125.0.210

126.*

126.2.70
126.2.180

127.*

127.3.50

128.*

128.4.90

129.*

129.0.110

130.*

130.1.90

131.*

131.2.70
131.3.10
131.3.50

132.*

132.3.11

133.*

133.4.21

134.*

134.3.60

NuGet / CefSharp.WinForms

Package

Name
CefSharp.WinForms
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.WinForms

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
134.3.90

Affected versions

1.*

1.25.3

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1
37.0.3

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190
98.1.210

99.*

99.2.90
99.2.120
99.2.140

100.*

100.0.120-pre
100.0.140
100.0.230

101.*

101.0.150
101.0.180

102.*

102.0.90
102.0.100

103.*

103.0.80
103.0.90
103.0.120

104.*

104.4.180
104.4.240

105.*

105.3.330
105.3.390

106.*

106.0.260
106.0.290

107.*

107.1.40
107.1.50
107.1.90
107.1.120

108.*

108.4.130

109.*

109.1.110

110.*

110.0.250
110.0.280
110.0.300

111.*

111.2.20
111.2.70

112.*

112.2.70
112.3.0

113.*

113.1.40
113.3.50

114.*

114.2.100
114.2.120

115.*

115.3.110
115.3.130

116.*

116.0.130
116.0.150
116.0.190
116.0.230

117.*

117.2.20
117.2.40

118.*

118.6.80

119.*

119.1.20
119.4.30

120.*

120.1.80
120.1.110
120.2.50
120.2.70

121.*

121.3.70
121.3.130

122.*

122.1.120

123.*

123.0.60

124.*

124.3.20
124.3.50
124.3.80

125.*

125.0.210

126.*

126.2.70
126.2.180

127.*

127.3.50

128.*

128.4.90

129.*

129.0.110

130.*

130.1.90

131.*

131.2.70
131.3.10
131.3.50

132.*

132.3.11

133.*

133.4.21

134.*

134.3.60

NuGet / CefSharp.WinForms.NetCore

Package

Name
CefSharp.WinForms.NetCore
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.WinForms.NetCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
134.3.90

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190
98.1.210

99.*

99.2.90
99.2.120
99.2.140

100.*

100.0.120-pre
100.0.140
100.0.230

101.*

101.0.150
101.0.180

102.*

102.0.90
102.0.100

103.*

103.0.80
103.0.90
103.0.120

104.*

104.4.180
104.4.240

105.*

105.3.330
105.3.390

106.*

106.0.260
106.0.290

107.*

107.1.40
107.1.50
107.1.90
107.1.120

108.*

108.4.130

109.*

109.1.110

110.*

110.0.250
110.0.280
110.0.300

111.*

111.2.20
111.2.70

112.*

112.2.70
112.3.0

113.*

113.1.40
113.3.50

114.*

114.2.100
114.2.120

115.*

115.3.110
115.3.130

116.*

116.0.130
116.0.150
116.0.190
116.0.230

117.*

117.2.20
117.2.40

118.*

118.6.80

119.*

119.1.20
119.4.30

120.*

120.1.80
120.1.110
120.2.50
120.2.70

121.*

121.3.70
121.3.130

122.*

122.1.120

123.*

123.0.60

124.*

124.3.20
124.3.50
124.3.80

125.*

125.0.210

126.*

126.2.70
126.2.180

127.*

127.3.50

128.*

128.4.90

129.*

129.0.110

130.*

130.1.90

131.*

131.2.70
131.3.10
131.3.50

132.*

132.3.11

133.*

133.4.21

134.*

134.3.60

NuGet / CefSharp.OffScreen.NetCore

Package

Name
CefSharp.OffScreen.NetCore
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.OffScreen.NetCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
134.3.90

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190
98.1.210

99.*

99.2.90
99.2.120
99.2.140

100.*

100.0.120-pre
100.0.140
100.0.230

101.*

101.0.150
101.0.180

102.*

102.0.90
102.0.100

103.*

103.0.80
103.0.90
103.0.120

104.*

104.4.180
104.4.240

105.*

105.3.330
105.3.390

106.*

106.0.260
106.0.290

107.*

107.1.40
107.1.50
107.1.90
107.1.120

108.*

108.4.130

109.*

109.1.110

110.*

110.0.250
110.0.280
110.0.300

111.*

111.2.20
111.2.70

112.*

112.2.70
112.3.0

113.*

113.1.40
113.3.50

114.*

114.2.100
114.2.120

115.*

115.3.110
115.3.130

116.*

116.0.130
116.0.150
116.0.190
116.0.230

117.*

117.2.20
117.2.40

118.*

118.6.80

119.*

119.1.20
119.4.30

120.*

120.1.80
120.1.110
120.2.50
120.2.70

121.*

121.3.70
121.3.130

122.*

122.1.120

123.*

123.0.60

124.*

124.3.20
124.3.50
124.3.80

125.*

125.0.210

126.*

126.2.70
126.2.180

127.*

127.3.50

128.*

128.4.90

129.*

129.0.110

130.*

130.1.90

131.*

131.2.70
131.3.10
131.3.50

132.*

132.3.11

133.*

133.4.21

134.*

134.3.60

NuGet / CefSharp.OffScreen

Package

Name
CefSharp.OffScreen
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.OffScreen

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
134.3.90

Affected versions

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190
98.1.210

99.*

99.2.90
99.2.120
99.2.140

100.*

100.0.120-pre
100.0.140
100.0.230

101.*

101.0.150
101.0.180

102.*

102.0.90
102.0.100

103.*

103.0.80
103.0.90
103.0.120

104.*

104.4.180
104.4.240

105.*

105.3.330
105.3.390

106.*

106.0.260
106.0.290

107.*

107.1.40
107.1.50
107.1.90
107.1.120

108.*

108.4.130

109.*

109.1.110

110.*

110.0.250
110.0.280
110.0.300

111.*

111.2.20
111.2.70

112.*

112.2.70
112.3.0

113.*

113.1.40
113.3.50

114.*

114.2.100
114.2.120

115.*

115.3.110
115.3.130

116.*

116.0.130
116.0.150
116.0.190
116.0.230

117.*

117.2.20
117.2.40

118.*

118.6.80

119.*

119.1.20
119.4.30

120.*

120.1.80
120.1.110
120.2.50
120.2.70

121.*

121.3.70
121.3.130

122.*

122.1.120

123.*

123.0.60

124.*

124.3.20
124.3.50
124.3.80

125.*

125.0.210

126.*

126.2.70
126.2.180

127.*

127.3.50

128.*

128.4.90

129.*

129.0.110

130.*

130.1.90

131.*

131.2.70
131.3.10
131.3.50

132.*

132.3.11

133.*

133.4.21

134.*

134.3.60