Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Metrics
Affected Vendors & Products
References
History
No history.
Status: PUBLISHED
Assigner: Chrome
Published: 2018-12-11T15:00:00.000Z
Updated: 2024-08-05T11:08:21.361Z
Reserved: 2018-10-15T00:00:00.000Z
Link: CVE-2018-18342
No data.
Status : Modified
Published: 2018-12-11T16:29:01.170
Modified: 2026-06-17T01:47:02.180
Link: CVE-2018-18342