CVE-2014-1716 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-1716 Interim 1 12 2024-09-15T01:53:45Z current 2021-05-30T13:19:26Z 2024-09-15T01:53:45Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-1716 Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 15.0 openSUSE Tumbleweed chromedriver-55.0.2883.75-3.1 chromium-55.0.2883.75-3.1 chromium-66.0.3359.170-lp150.1.1 ungoogled-chromium-113.0.5672.92-1.1 ungoogled-chromium-chromedriver-113.0.5672.92-1.1 chromium-66.0.3359.170-lp150.1.1 as a component of openSUSE Leap 15.0 chromedriver-55.0.2883.75-3.1 as a component of openSUSE Tumbleweed chromium-55.0.2883.75-3.1 as a component of openSUSE Tumbleweed ungoogled-chromium-113.0.5672.92-1.1 as a component of openSUSE Tumbleweed ungoogled-chromium-chromedriver-113.0.5672.92-1.1 as a component of openSUSE Tumbleweed Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." CVE-2014-1716 openSUSE Leap 15.0:chromium-66.0.3359.170-lp150.1.1 openSUSE Tumbleweed:chromedriver-55.0.2883.75-3.1 openSUSE Tumbleweed:chromium-55.0.2883.75-3.1 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P