CVE-2016-1656
The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors.
Date published : 2016-04-18
http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html