Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
https://www.debian.org/security/2018/dsa-4237
https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html
https://access.redhat.com/errata/RHSA-2018:1815