GHSA-fvpg-qx3g-7mp7

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/04/GHSA-fvpg-qx3g-7mp7/GHSA-fvpg-qx3g-7mp7.json

Aliases

CVE-2019-0771

Published

2019-04-09T19:43:29Z

Modified

2023-04-11T01:47:30.935787Z

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783.

References

https://nvd.nist.gov/vuln/detail/CVE-2019-0771
https://github.com/advisories/GHSA-fvpg-qx3g-7mp7
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771

Affected packages

NuGet / Microsoft.ChakraCore

Microsoft.ChakraCore

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.11.7

Affected versions

1.*

1.10.0

1.10.1

1.10.2

1.11.0

1.11.1

1.11.2

1.11.3

1.11.4

1.11.5

1.11.6

1.2.0

1.2.1

1.2.2

1.2.3

1.2.6.62716-preview

1.3.0

1.3.1

1.3.2

1.4.0

1.4.1

1.4.2

1.4.3

1.4.4

1.4.5

1.5.0

1.5.1

1.5.2

1.5.3

1.6.0

1.6.2

1.7.0

1.7.1

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.8.0

1.8.1

1.8.2

1.8.3

1.8.4

1.8.5