Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Details
- CVSS 3.1 Base Score: 8.8
- CVSS 3.1 Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Centos_linux | — | centos-upgrade-chromium-browsercentos-upgrade-chromium-browser-debuginfo | Aug 28, 2019 | Nov 14, 2018 |
| Debian | debian-upgrade-chromium-browser | Apr 29, 2018 | Apr 28, 2018 | |
| Freebsd | freebsd-upgrade-package-chromium | Dec 10, 2025 | Mar 8, 2018 | |
| Gentoo Linux | gentoo-linux-upgrade-www-client-chromiumgentoo-linux-upgrade-www-client-google-chrome | Mar 14, 2018 | Mar 13, 2018 | |
| Google Chrome | google-chrome-upgrade-latest | Dec 28, 2018 | Nov 14, 2018 | |
| Redhat_linux | — | redhat-upgrade-chromium-browserredhat-upgrade-chromium-browser-debuginfo | May 1, 2018 | Mar 12, 2018 |
| Suse | — | suse-upgrade-chromedriversuse-upgrade-chromium | May 10, 2018 | Mar 16, 2018 |
| Ubuntu | ubuntu-upgrade-chromium-browser | Nov 19, 2024 | Nov 14, 2018 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub