EPSS
Percentile
86.4%
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
bugzilla.redhat.com/show_bug.cgi?id=1584050
www.cve.org/CVERecord?id=CVE-2018-6139 https://nvd.nist.gov/vuln/detail/CVE-2018-6139 https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html