VYPR
Medium severity6.5NVD Advisory· Published Jun 27, 2019· Updated Jun 17, 2026

CVE-2018-16064

CVE-2018-16064

Description

Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

Affected products

2
  • Google/Chromellm-fuzzy2 versions
    <68.0.3440.75+ 1 more
    • (no CPE)range: <68.0.3440.75
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.