Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML ...

Summary

Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

What to do

Update debian chromium to version 146.0.7680.71-1~deb12u1.
Update debian chromium to version 146.0.7680.71-1~deb13u1.

Affected software

Vendor	Product	Affected versions	Fix available
debian	chromium	All versions	–
debian	chromium	<= 146.0.7680.71-1~deb12u1	146.0.7680.71-1~deb12u1
debian	chromium	<= 146.0.7680.71-1~deb13u1	146.0.7680.71-1~deb13u1
debian	chromium	All versions	–

Original title

Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML ...

Original description

Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

https://security-tracker.debian.org/tracker/CVE-2026-3938 Vendor Advisory