Back to CVE Lookup
CVE-2018-17480
HIGH - CVSS 8.8CWE-787
Published: 12/11/2018
Modified: 10/24/2025
Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Vulnerability Summary
CVSS v3 Score
8.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2 Score
6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P