Severity: High


Summary:  The JavaScript engine that runs Dashboard Extensions in Tableau Desktop has a memory corruption issue.


Impact: A malicious Dashboard Extension can cause memory corruption and possibly code execution under the privileges of the user that is running Tableau Desktop.


Vulnerable Versions:  The following versions have this vulnerability:

Tableau Desktop 2018.2.0


Resolution: The issue can be fixed by upgrading to the following version:

Tableau Desktop 2018.2.2