Security researcher Micha.. Bentkowski discovered a high severity vulnerability in Google Chrome in late May. Chrome security team described the issue as incorrect handling of CSP header in blog post. The patch for the vulnerability has already been rolled out to its users in a stable Chrome update 67.0.3396.79 for Windows, Mac, and Linux operating system, which users may have already received or will receive over the coming days/weeks. Users of the stable version of Firefox are also recommended to update their browser.
Source: https://thehackernews.com/2018/06/google-chrome-csp.html