WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome prior to 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote malicious users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Indexed Database (aka IndexedDB) API calls.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |