CVE-2018-6033

Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt