CVE-2019-0993

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-0993

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-0993.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-0993

Aliases

GHSA-2rfj-2mwp-787v

Withdrawn

2024-05-15T05:33:09.651930Z

Published

2019-06-12T14:29:02Z

Modified

2023-11-29T06:51:51.339862Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993

Affected packages

Git / github.com/chakra-core/chakracore

Affected ranges

Type: GIT
Repo: https://github.com/chakra-core/chakracore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3d6226cc2d1077537220361c82e34a362c6c76ee

Type: GIT
Repo: https://github.com/microsoft/chakracore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3d6226cc2d1077537220361c82e34a362c6c76ee

Affected versions

v1.*

v1.10.0

v1.10.1

v1.10.2

v1.11.0

v1.11.1

v1.11.2

v1.11.3

v1.11.4

v1.11.5

v1.11.6

v1.11.7

v1.11.8

v1.11.9

v1.2.0.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.2

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.6.0

v1.6.1

v1.6.2

v1.7.0

v1.7.1

v1.7.2

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.8.0

v1.8.1

v1.8.2

v1.8.3

v1.8.4

v1.8.5