Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
https://access.redhat.com/errata/RHSA-2018:2666
https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html