GHSA-jgrp-6qqq-3284

Source
https://github.com/advisories/GHSA-jgrp-6qqq-3284
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jgrp-6qqq-3284/GHSA-jgrp-6qqq-3284.json
Aliases
  • CVE-2021-42279
Published
2022-05-24T19:20:22Z
Modified
2023-11-08T04:07:05.468205Z
Details

Chakra Scripting Engine and ChakraCore are vulnerable to memory corruption due to an out-of-bounds write. The Microsoft advisory for CVE-2021-42279 was modified in August 2022 to include Microsoft.ChakraCore as an affected product.

References

Affected packages

NuGet / Microsoft.ChakraCore

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Last affected
1.11.24

Affected versions

1.*

1.2.0
1.2.1
1.2.2
1.2.3
1.2.6.62716-preview
1.3.0
1.3.1
1.3.2
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.5.0
1.5.1
1.5.2
1.5.3
1.6.0
1.6.2
1.7.0
1.7.1
1.7.2
1.7.3
1.7.4
1.7.5
1.7.6
1.8.0
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5
1.10.0
1.10.1
1.10.2
1.11.0
1.11.1
1.11.2
1.11.3
1.11.4
1.11.5
1.11.6
1.11.7
1.11.8
1.11.9
1.11.10
1.11.11
1.11.12
1.11.13
1.11.14
1.11.15
1.11.16
1.11.17
1.11.18
1.11.19
1.11.20
1.11.21
1.11.22
1.11.23
1.11.24