Unrated severityCISA KEVNVD Advisory· Published Nov 14, 2018· Updated Oct 21, 2025

CVE-2018-17463

Description

Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

Affected products

Google/Chromev5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2018:3004mitrevendor-advisoryx_refsource_REDHAT
security.gentoo.org/glsa/201811-10mitrevendor-advisoryx_refsource_GENTOO
www.debian.org/security/2018/dsa-4330mitrevendor-advisoryx_refsource_DEBIAN
packetstormsecurity.com/files/156640/Google-Chrome-67-68-69-Object.create-Type-Confusion.htmlmitrex_refsource_MISC
www.securityfocus.com/bid/105666mitrevdb-entryx_refsource_BID
chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.htmlmitrex_refsource_CONFIRM
crbug.com/888923mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.074
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000