Descriptionextensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- openSUSE-SU-2014:1151-1, published Mon, 22 Sep 2014 15:04:25 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Leap 15.0|| ||Patchnames: |
openSUSE Leap 15.0 GA chromium
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA chromedriver