DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HGoogle Chrome Os
OSGoogle16002.23.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
VPN
CWE
Related vulnerabilities
CVE-2016-4171CRITICAL9.8⚠ KEVten sam produkt
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...
CVE-2016-1019CRITICAL9.8⚠ KEVten sam produkt
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application cr...
CVE-2014-0497CRITICAL9.8⚠ KEVten sam produkt
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Wind...
CVE-2025-6179CRITICAL9.8PL ✓ten sam produkt
Ominięcie uprawnień w zarządzaniu rozszerzeniami Google ChromeOS
CVE-2019-13690CRITICAL9.6ten sam produkt
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacke...