CVE-2019-1092

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-1092

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1092.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-1092

Aliases

GHSA-2x75-mf24-588m

Withdrawn

2024-05-15T05:33:49.098998Z

Published

2019-07-15T19:15:18Z

Modified

2023-11-29T06:55:18.043738Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092

Affected packages

Git / github.com/chakra-core/chakracore

Affected ranges

Type: GIT
Repo: https://github.com/chakra-core/chakracore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

75162b7f2d8ac2b37d17564e9c979ba1bae707e8

Type: GIT
Repo: https://github.com/microsoft/chakracore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

75162b7f2d8ac2b37d17564e9c979ba1bae707e8

Affected versions

v1.*

v1.10.0

v1.10.1

v1.10.2

v1.11.0

v1.11.1

v1.11.10

v1.11.2

v1.11.3

v1.11.4

v1.11.5

v1.11.6

v1.11.7

v1.11.8

v1.11.9

v1.2.0.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.2

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.6.0

v1.6.1

v1.6.2

v1.7.0

v1.7.1

v1.7.2

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.8.0

v1.8.1

v1.8.2

v1.8.3

v1.8.4

v1.8.5