CVE-2025-2783 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-2783 Interim 1 10 2026-03-05T01:33:30Z current 2025-03-28T00:15:17Z 2026-03-05T01:33:30Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-2783 Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SJEX6ZT5W5GYLZEQIA7L2J32HG4KGMAX/ E-Mail link for openSUSE-SU-2025:0111-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3WBRCQJYFKUAGSQ5SHW67JST3P5FSU4D/ E-Mail link for openSUSE-SU-2025:14961-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 openSUSE Leap 15.6 NonFree openSUSE Tumbleweed MozillaFirefox-128.9.0-150200.152.176.1 MozillaFirefox-140.2.0-160000.1.2 MozillaFirefox-devel-140.2.0-160000.1.2 MozillaFirefox-translations-common-128.9.0-150200.152.176.1 MozillaFirefox-translations-common-140.2.0-160000.1.2 MozillaFirefox-translations-other-128.9.0-150200.152.176.1 MozillaFirefox-translations-other-140.2.0-160000.1.2 firefox-esr-128.9.0-1.1 firefox-esr-branding-upstream-128.9.0-1.1 firefox-esr-translations-common-128.9.0-1.1 firefox-esr-translations-other-128.9.0-1.1 libQt5Pdf5-5.15.19-1.1 libQt5PdfWidgets5-5.15.19-1.1 libqt5-qtpdf-devel-5.15.19-1.1 libqt5-qtpdf-examples-5.15.19-1.1 libqt5-qtpdf-imports-5.15.19-1.1 libqt5-qtpdf-private-headers-devel-5.15.19-1.1 libqt5-qtwebengine-5.15.19-1.1 libqt5-qtwebengine-devel-5.15.19-1.1 libqt5-qtwebengine-examples-5.15.19-1.1 libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 opera-117.0.5408.163-lp156.2.32.1 MozillaFirefox-128.9.0-150200.152.176.1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 MozillaFirefox-translations-common-128.9.0-150200.152.176.1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 MozillaFirefox-translations-other-128.9.0-150200.152.176.1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 MozillaFirefox-140.2.0-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 MozillaFirefox-devel-140.2.0-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 MozillaFirefox-translations-common-140.2.0-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 MozillaFirefox-translations-other-140.2.0-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 opera-117.0.5408.163-lp156.2.32.1 as a component of openSUSE Leap 15.6 NonFree firefox-esr-128.9.0-1.1 as a component of openSUSE Tumbleweed firefox-esr-branding-upstream-128.9.0-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-common-128.9.0-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-other-128.9.0-1.1 as a component of openSUSE Tumbleweed libQt5Pdf5-5.15.19-1.1 as a component of openSUSE Tumbleweed libQt5PdfWidgets5-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-devel-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-examples-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-imports-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-private-headers-devel-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-devel-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-examples-5.15.19-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 as a component of openSUSE Tumbleweed Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) CVE-2025-2783 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:MozillaFirefox-128.9.0-150200.152.176.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:MozillaFirefox-translations-common-128.9.0-150200.152.176.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:MozillaFirefox-translations-other-128.9.0-150200.152.176.1 SUSE Linux Enterprise Server 16.0:MozillaFirefox-140.2.0-160000.1.2 SUSE Linux Enterprise Server 16.0:MozillaFirefox-devel-140.2.0-160000.1.2 SUSE Linux Enterprise Server 16.0:MozillaFirefox-translations-common-140.2.0-160000.1.2 SUSE Linux Enterprise Server 16.0:MozillaFirefox-translations-other-140.2.0-160000.1.2 openSUSE Leap 15.6 NonFree:opera-117.0.5408.163-lp156.2.32.1 openSUSE Tumbleweed:firefox-esr-128.9.0-1.1 openSUSE Tumbleweed:firefox-esr-branding-upstream-128.9.0-1.1 openSUSE Tumbleweed:firefox-esr-translations-common-128.9.0-1.1 openSUSE Tumbleweed:firefox-esr-translations-other-128.9.0-1.1 openSUSE Tumbleweed:libQt5Pdf5-5.15.19-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.19-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.19-1.1 important