CVE-2018-18344

Summary

Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension.

Affected Software

VendorProductVersion RangeStatus
n/an/an/aaffected

Weaknesses

  • Inappropriate implementation

ADP Enrichment

CVE Program Container

Additional References

References