CVE-2018-0946

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-0946

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-0946.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-0946

Aliases

GHSA-wc67-4cg3-35wf

Published

2018-05-09T19:29:00.573Z

Modified

2026-03-15T14:29:01.224417Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.

References

Affected packages

Git / github.com/microsoft/chakracore

Affected ranges

Type

GIT

Repo

https://github.com/microsoft/chakracore

Events

Introduced

Last affected

c259f22cb4d9c910d420c7fd97e256b3aa83a8ed

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.8.3"
        }
    ]
}

Affected versions

v1.*

v1.2.0.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.2

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.6.0

v1.6.1

v1.6.2

v1.7.0

v1.7.1

v1.7.2

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.8.0

v1.8.1

v1.8.2

v1.8.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-0946.json"