Medium severity4.3NVD Advisory· Published Nov 25, 2019· Updated Jun 17, 2026
CVE-2019-13718
CVE-2019-13718
Description
Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Affected products
12- osv-coords10 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/re2&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/re2&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP3pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/re2&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/re2&distro=SUSE%20Package%20Hub%2015%20SP1
< 78.0.3904.70-lp151.2.39.1+ 9 more
- (no CPE)range: < 78.0.3904.70-lp151.2.39.1
- (no CPE)range: < 78.0.3904.70-lp151.2.39.1
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 20190901-lp151.10.3.1
- (no CPE)range: < 20190901-lp151.10.3.1
- (no CPE)range: < 78.0.3904.87-10.1
- (no CPE)range: < 78.0.3904.70-bp150.240.1
- (no CPE)range: < 78.0.3904.70-bp151.3.21.1
- (no CPE)range: < 20190901-bp150.25.1
- (no CPE)range: < 20190901-bp151.6.3.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.