Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-desktop.html