CVE-2018-8280

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-8280

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8280.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-8280

Aliases

GHSA-wwm6-r38h-ppg7

Withdrawn

2024-05-15T05:32:26.404320Z

Published

2018-07-11T00:29:01Z

Modified

2023-11-29T06:48:03.409065Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294.

References

Affected packages

Git / github.com/chakra-core/chakracore

Affected ranges

Type: GIT
Repo: https://github.com/chakra-core/chakracore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

317a8bacf5ea5fc607cc03fa25f1373d82821887

Type: GIT
Repo: https://github.com/microsoft/chakracore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

317a8bacf5ea5fc607cc03fa25f1373d82821887

Affected versions

v1.*

v1.10.0

v1.2.0.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.2

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.6.0

v1.6.1

v1.6.2

v1.7.0

v1.7.1

v1.7.2

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.8.0

v1.8.1

v1.8.2

v1.8.3

v1.8.4

v1.8.5