CVE-2019-5768

DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.

Date published : 2019-02-19

http://www.securityfocus.com/bid/106767

https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html