CVE-2014-3166

Priority
Description
The Public Key Pinning (PKP) implementation in Google Chrome before
36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on
Android, does not correctly consider the properties of SPDY connections,
which allows remote attackers to obtain sensitive information by leveraging
the use of multiple domain names.
Notes
Package
Upstream:released (36.0.1985.143)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [37.0.2062.94-0ubuntu0.14.04.1~pkg1042])
Package
Upstream:released (1.0.5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [1.0.5-0ubuntu0.14.04.1])
More Information

Updated: 2020-03-18 22:20:14 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)