Insufficient policy enforcement in extensions API in Google Chrome before 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
opensuse leap 42.3 |
||
opensuse leap 15.0 |
||
opensuse backports sle-15 |
||
opensuse leap 15.1 |
||
fedoraproject fedora 29 |
||
fedoraproject fedora 30 |
||
debian debian linux 10.0 |