GHSA-wvhv-rr3v-vhpj

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/07/GHSA-wvhv-rr3v-vhpj/GHSA-wvhv-rr3v-vhpj.json
Aliases
  • CVE-2020-0823
Published
2021-07-28T18:57:11Z
Modified
2022-11-22T01:02:59.747992Z
Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

References

Affected packages

NuGet / Microsoft.ChakraCore

Microsoft.ChakraCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
1.11.17

Affected versions

1.*

1.10.0
1.10.1
1.10.2
1.11.0
1.11.1
1.11.10
1.11.11
1.11.12
1.11.13
1.11.14
1.11.15
1.11.16
1.11.2
1.11.3
1.11.4
1.11.5
1.11.6
1.11.7
1.11.8
1.11.9
1.2.0
1.2.1
1.2.2
1.2.3
1.2.6.62716-preview
1.3.0
1.3.1
1.3.2
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.5.0
1.5.1
1.5.2
1.5.3
1.6.0
1.6.2
1.7.0
1.7.1
1.7.2
1.7.3
1.7.4
1.7.5
1.7.6
1.8.0
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5