Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/56533?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "type": "nuget", "namespace": "", "name": "Microsoft.ChakraCore", "version": "1.11.6", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.11.16", "latest_non_vulnerable_version": "1.11.23", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13604?format=api", "vulnerability_id": "VCID-18bt-p9bu-7kcg", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0937" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7827e117753052d479fabe19a25cfece88059bca", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7827e117753052d479fabe19a25cfece88059bca" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0937", "reference_id": "CVE-2019-0937", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0937" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937", "reference_id": "CVE-2019-0937", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937" }, { "reference_url": "https://github.com/advisories/GHSA-8gvg-8vhf-h26g", "reference_id": "GHSA-8gvg-8vhf-h26g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8gvg-8vhf-h26g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0937", "GHSA-8gvg-8vhf-h26g" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18bt-p9bu-7kcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143056?format=api", "vulnerability_id": "VCID-1d4d-6ycn-kfbg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04538", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1217" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b75847eb1ef4136d49e119c072266d8874a6e41e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b75847eb1ef4136d49e119c072266d8874a6e41e" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1217", "reference_id": "CVE-2019-1217", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1217" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1217", "reference_id": "CVE-2019-1217", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1217" }, { "reference_url": "https://github.com/advisories/GHSA-pcgf-qjx2-qv4q", "reference_id": "GHSA-pcgf-qjx2-qv4q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pcgf-qjx2-qv4q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1217", "GHSA-pcgf-qjx2-qv4q" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1d4d-6ycn-kfbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142983?format=api", "vulnerability_id": "VCID-27q5-85wq-ayhx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04538", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1138" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/1e5d3f5e4f4feb37a6844f654d351ddcc53e2046", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/1e5d3f5e4f4feb37a6844f654d351ddcc53e2046" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1138", "reference_id": "CVE-2019-1138", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1138" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1138", "reference_id": "CVE-2019-1138", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1138" }, { "reference_url": "https://github.com/advisories/GHSA-pwpr-vp2v-99xw", "reference_id": "GHSA-pwpr-vp2v-99xw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pwpr-vp2v-99xw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1138", "GHSA-pwpr-vp2v-99xw" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-27q5-85wq-ayhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13501?format=api", "vulnerability_id": "VCID-2jw8-vq79-3yc4", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90873", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0609" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0609", "reference_id": "CVE-2019-0609", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0609" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609", "reference_id": "CVE-2019-0609", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609" }, { "reference_url": "https://github.com/advisories/GHSA-pjpj-f6r8-56rm", "reference_id": "GHSA-pjpj-f6r8-56rm", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pjpj-f6r8-56rm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0609", "GHSA-pjpj-f6r8-56rm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jw8-vq79-3yc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151082?format=api", "vulnerability_id": "VCID-431z-8875-d7fr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05205", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0711" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/a9aee51164faa28ca8617746d1d99ea3f1e75e65", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/a9aee51164faa28ca8617746d1d99ea3f1e75e65" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0711", "reference_id": "CVE-2020-0711", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0711" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711", "reference_id": "CVE-2020-0711", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0711", "GHSA-63fw-7jgf-5hwv" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-431z-8875-d7fr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13498?format=api", "vulnerability_id": "VCID-46f5-3qcs-ckcw", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0592.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0611", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0611" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0611", "reference_id": "CVE-2019-0611", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0611" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611", "reference_id": "CVE-2019-0611", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611" }, { "reference_url": "https://github.com/advisories/GHSA-7ph8-f946-q5r7", "reference_id": "GHSA-7ph8-f946-q5r7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7ph8-f946-q5r7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0611", "GHSA-7ph8-f946-q5r7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-46f5-3qcs-ckcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13509?format=api", "vulnerability_id": "VCID-4kr2-wf77-nug4", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14072", "scoring_system": "epss", "scoring_elements": "0.9447", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0810" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/35ee5053bfc3186da193b9cd85e9a5916580bf80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/35ee5053bfc3186da193b9cd85e9a5916580bf80" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6087" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0810", "reference_id": "CVE-2019-0810", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0810" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810", "reference_id": "CVE-2019-0810", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810" }, { "reference_url": "https://github.com/advisories/GHSA-2mmc-5phj-4wjj", "reference_id": "GHSA-2mmc-5phj-4wjj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2mmc-5phj-4wjj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0810", "GHSA-2mmc-5phj-4wjj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4kr2-wf77-nug4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13614?format=api", "vulnerability_id": "VCID-4n9b-ptn2-3ugd", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06863", "scoring_system": "epss", "scoring_elements": "0.91507", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0911" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/a2deba5e1850782014a2a34678464b251e448337", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/a2deba5e1850782014a2a34678464b251e448337" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0911", "reference_id": "CVE-2019-0911", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0911" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911", "reference_id": "CVE-2019-0911", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911" }, { "reference_url": "https://github.com/advisories/GHSA-9735-p6r2-2hgh", "reference_id": "GHSA-9735-p6r2-2hgh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9735-p6r2-2hgh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0911", "GHSA-9735-p6r2-2hgh" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4n9b-ptn2-3ugd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13612?format=api", "vulnerability_id": "VCID-4rr8-ter6-7yaw", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0927" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/87ac2b5a751710ee288fdda3fd4d9818e22387a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/87ac2b5a751710ee288fdda3fd4d9818e22387a1" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0927", "reference_id": "CVE-2019-0927", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0927" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927", "reference_id": "CVE-2019-0927", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927" }, { "reference_url": "https://github.com/advisories/GHSA-37pf-w9ff-gqvm", "reference_id": "GHSA-37pf-w9ff-gqvm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-37pf-w9ff-gqvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0927", "GHSA-37pf-w9ff-gqvm" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rr8-ter6-7yaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13521?format=api", "vulnerability_id": "VCID-558y-9j3b-fyd3", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0861" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b481337f2ae6e92efd919692c6691996947f49ec", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b481337f2ae6e92efd919692c6691996947f49ec" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6087" }, { "reference_url": "https://web.archive.org/web/20210125022152/http://www.securityfocus.com/bid/107724", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125022152/http://www.securityfocus.com/bid/107724" }, { "reference_url": "http://www.securityfocus.com/bid/107724", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107724" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0861", "reference_id": "CVE-2019-0861", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0861" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861", "reference_id": "CVE-2019-0861", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861" }, { "reference_url": "https://github.com/advisories/GHSA-qxmj-3c5h-546c", "reference_id": "GHSA-qxmj-3c5h-546c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qxmj-3c5h-546c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0861", "GHSA-qxmj-3c5h-546c" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-558y-9j3b-fyd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13617?format=api", "vulnerability_id": "VCID-66rk-gaz2-x7et", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0913" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0913", "reference_id": "CVE-2019-0913", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0913" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913", "reference_id": "CVE-2019-0913", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913" }, { "reference_url": "https://github.com/advisories/GHSA-59cj-99cw-rq64", "reference_id": "GHSA-59cj-99cw-rq64", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-59cj-99cw-rq64" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0913", "GHSA-59cj-99cw-rq64" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66rk-gaz2-x7et" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13513?format=api", "vulnerability_id": "VCID-6zfw-kag6-sfhq", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0860" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/9a9ece61b560fe84f451625140bb46d35fb3b045", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/9a9ece61b560fe84f451625140bb46d35fb3b045" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6087" }, { "reference_url": "https://web.archive.org/web/20210724054200/http://www.securityfocus.com/bid/107722", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210724054200/http://www.securityfocus.com/bid/107722" }, { "reference_url": "http://www.securityfocus.com/bid/107722", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107722" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0860", "reference_id": "CVE-2019-0860", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0860" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860", "reference_id": "CVE-2019-0860", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860" }, { "reference_url": "https://github.com/advisories/GHSA-fv87-p7qr-xh5x", "reference_id": "GHSA-fv87-p7qr-xh5x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fv87-p7qr-xh5x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0860", "GHSA-fv87-p7qr-xh5x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zfw-kag6-sfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13504?format=api", "vulnerability_id": "VCID-7sqx-g2jn-9yds", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0860, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0829" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b03a96112fb05158a040caba88919cd70648f09f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b03a96112fb05158a040caba88919cd70648f09f" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6087" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0829", "reference_id": "CVE-2019-0829", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0829" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829", "reference_id": "CVE-2019-0829", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829" }, { "reference_url": "https://github.com/advisories/GHSA-5rq3-9wc9-m9c3", "reference_id": "GHSA-5rq3-9wc9-m9c3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5rq3-9wc9-m9c3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0829", "GHSA-5rq3-9wc9-m9c3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7sqx-g2jn-9yds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143241?format=api", "vulnerability_id": "VCID-99dg-rm43-9qef", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06916", "scoring_system": "epss", "scoring_elements": "0.91539", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1427" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1427", "reference_id": "CVE-2019-1427", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1427" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427", "reference_id": "CVE-2019-1427", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/154849?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.15" } ], "aliases": [ "CVE-2019-1427" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-99dg-rm43-9qef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143140?format=api", "vulnerability_id": "VCID-ahe3-4w9p-xfba", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1308", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85905", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1308" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/64376deca69126c2bb05cd87bd5c073aedaf5f9c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/64376deca69126c2bb05cd87bd5c073aedaf5f9c" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/cc871514deeaeaedb5b757c2ca8cd4ab9abccb5d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/cc871514deeaeaedb5b757c2ca8cd4ab9abccb5d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1308", "reference_id": "CVE-2019-1308", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1308" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308", "reference_id": "CVE-2019-1308", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308" }, { "reference_url": "https://github.com/advisories/GHSA-vw2g-5827-m9fp", "reference_id": "GHSA-vw2g-5827-m9fp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vw2g-5827-m9fp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146719?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.14" } ], "aliases": [ "CVE-2019-1308", "GHSA-vw2g-5827-m9fp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahe3-4w9p-xfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13705?format=api", "vulnerability_id": "VCID-e1b9-bq4b-9fh7", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nAn information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1023.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12446", "scoring_system": "epss", "scoring_elements": "0.94027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0990" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0990", "reference_id": "CVE-2019-0990", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0990" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990", "reference_id": "CVE-2019-0990", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57205?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.10" } ], "aliases": [ "CVE-2019-0990" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e1b9-bq4b-9fh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142912?format=api", "vulnerability_id": "VCID-eygy-bzey-7yaq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1062", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04748", "scoring_system": "epss", "scoring_elements": "0.896", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1062" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7f0d390ad77d838cbb81d4586c83ec822f384ce8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7f0d390ad77d838cbb81d4586c83ec822f384ce8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1062", "reference_id": "CVE-2019-1062", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1062" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062", "reference_id": "CVE-2019-1062", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062" }, { "reference_url": "https://github.com/advisories/GHSA-rh4p-g7x6-8pqg", "reference_id": "GHSA-rh4p-g7x6-8pqg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rh4p-g7x6-8pqg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1062", "GHSA-rh4p-g7x6-8pqg" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eygy-bzey-7yaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13510?format=api", "vulnerability_id": "VCID-fedc-anrx-ufg2", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44847", "scoring_system": "epss", "scoring_elements": "0.97641", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0812" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/4cb3bbd332f67947fab5f4306d75d0749ea4d5fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/4cb3bbd332f67947fab5f4306d75d0749ea4d5fc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0812", "reference_id": "CVE-2019-0812", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0812" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812", "reference_id": "CVE-2019-0812", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812" }, { "reference_url": "https://github.com/advisories/GHSA-rpfg-xf88-cq5r", "reference_id": "GHSA-rpfg-xf88-cq5r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rpfg-xf88-cq5r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0812", "GHSA-rpfg-xf88-cq5r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fedc-anrx-ufg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143240?format=api", "vulnerability_id": "VCID-fj84-9g1p-vfa5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06916", "scoring_system": "epss", "scoring_elements": "0.91539", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1426" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1426", "reference_id": "CVE-2019-1426", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1426" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426", "reference_id": "CVE-2019-1426", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/154849?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.15" } ], "aliases": [ "CVE-2019-1426" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fj84-9g1p-vfa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151083?format=api", "vulnerability_id": "VCID-fxfn-jq82-n3fy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05205", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0712" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/2e33d8247fbde3b663be5587802bf56942965cad", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/2e33d8247fbde3b663be5587802bf56942965cad" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0712", "reference_id": "CVE-2020-0712", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0712" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712", "reference_id": "CVE-2020-0712", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0712", "GHSA-w6qf-35f2-j6h7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fxfn-jq82-n3fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142954?format=api", "vulnerability_id": "VCID-fzjt-qse7-kbd5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04657", "scoring_system": "epss", "scoring_elements": "0.89483", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1106" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/362e96537af207be3ecf7fa32f338229ee1dcc46", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/362e96537af207be3ecf7fa32f338229ee1dcc46" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1106", "reference_id": "CVE-2019-1106", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1106" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106", "reference_id": "CVE-2019-1106", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106" }, { "reference_url": "https://github.com/advisories/GHSA-mg98-x2cm-4cpf", "reference_id": "GHSA-mg98-x2cm-4cpf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mg98-x2cm-4cpf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1106", "GHSA-mg98-x2cm-4cpf" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fzjt-qse7-kbd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151138?format=api", "vulnerability_id": "VCID-ggf4-u8qd-eff7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42191", "scoring_system": "epss", "scoring_elements": "0.97508", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0767" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/161c8957913ffb48bddef4423998b2eb642f35b3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/161c8957913ffb48bddef4423998b2eb642f35b3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0767", "reference_id": "CVE-2020-0767", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0767" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767", "reference_id": "CVE-2020-0767", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0767", "GHSA-fhc8-h6hr-h9mq" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ggf4-u8qd-eff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13610?format=api", "vulnerability_id": "VCID-hcfa-1wq4-wyga", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0925" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/32ca10f3955f2a3ca56c6671c721b1264eca06b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/32ca10f3955f2a3ca56c6671c721b1264eca06b8" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0925", "reference_id": "CVE-2019-0925", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0925" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925", "reference_id": "CVE-2019-0925", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925" }, { "reference_url": "https://github.com/advisories/GHSA-v648-p92f-9996", "reference_id": "GHSA-v648-p92f-9996", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v648-p92f-9996" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0925", "GHSA-v648-p92f-9996" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hcfa-1wq4-wyga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143132?format=api", "vulnerability_id": "VCID-hdpy-kfn8-sbba", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1298", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04538", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1298" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/fe8f981f8e426ff61159e750a368e94ecbb87782", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/fe8f981f8e426ff61159e750a368e94ecbb87782" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1298", "reference_id": "CVE-2019-1298", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1298" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1298", "reference_id": "CVE-2019-1298", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1298" }, { "reference_url": "https://github.com/advisories/GHSA-2452-3rwv-x89c", "reference_id": "GHSA-2452-3rwv-x89c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2452-3rwv-x89c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1298", "GHSA-2452-3rwv-x89c" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hdpy-kfn8-sbba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13607?format=api", "vulnerability_id": "VCID-je2z-mcvk-gqhp", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0924" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/6615113a09c0618ecc10e5680ffb978bf665641f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/6615113a09c0618ecc10e5680ffb978bf665641f" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0924", "reference_id": "CVE-2019-0924", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0924" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924", "reference_id": "CVE-2019-0924", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924" }, { "reference_url": "https://github.com/advisories/GHSA-prxj-c66c-4gcf", "reference_id": "GHSA-prxj-c66c-4gcf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-prxj-c66c-4gcf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0924", "GHSA-prxj-c66c-4gcf" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-je2z-mcvk-gqhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13515?format=api", "vulnerability_id": "VCID-jmx4-vvk4-ykdk", "summary": "Integer Overflow or Wraparound\nA remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0639", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17995", "scoring_system": "epss", "scoring_elements": "0.95275", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0639" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0639", "reference_id": "CVE-2019-0639", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0639" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639", "reference_id": "CVE-2019-0639", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639" }, { "reference_url": "https://github.com/advisories/GHSA-6jf5-rmhv-38cw", "reference_id": "GHSA-6jf5-rmhv-38cw", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6jf5-rmhv-38cw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0639", "GHSA-6jf5-rmhv-38cw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmx4-vvk4-ykdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151084?format=api", "vulnerability_id": "VCID-keaw-uz84-9qer", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05205", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0713" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/c7999d938d51cc44cd92dcf79b95a2ef8d3e2182", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/c7999d938d51cc44cd92dcf79b95a2ef8d3e2182" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0713", "reference_id": "CVE-2020-0713", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0713" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713", "reference_id": "CVE-2020-0713", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0713", "GHSA-g6mc-8679-ghx9" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-keaw-uz84-9qer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13613?format=api", "vulnerability_id": "VCID-mm2r-t2rz-7ygp", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0915" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0915", "reference_id": "CVE-2019-0915", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0915" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915", "reference_id": "CVE-2019-0915", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915" }, { "reference_url": "https://github.com/advisories/GHSA-fm9p-5m9f-rq85", "reference_id": "GHSA-fm9p-5m9f-rq85", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fm9p-5m9f-rq85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0915", "GHSA-fm9p-5m9f-rq85" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mm2r-t2rz-7ygp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13615?format=api", "vulnerability_id": "VCID-mmba-qzvj-37df", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0917" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b5f8fad1b00087bd0a24cc173c2dfedc4f8aee33", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b5f8fad1b00087bd0a24cc173c2dfedc4f8aee33" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0917", "reference_id": "CVE-2019-0917", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0917" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917", "reference_id": "CVE-2019-0917", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917" }, { "reference_url": "https://github.com/advisories/GHSA-rx34-jff5-ph35", "reference_id": "GHSA-rx34-jff5-ph35", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rx34-jff5-ph35" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0917", "GHSA-rx34-jff5-ph35" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmba-qzvj-37df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142940?format=api", "vulnerability_id": "VCID-nd4s-mcgx-s3bs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1092", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04748", "scoring_system": "epss", "scoring_elements": "0.896", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1092" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d4e767fb946128c135d77edda7a794561e1c1f06", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d4e767fb946128c135d77edda7a794561e1c1f06" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1092", "reference_id": "CVE-2019-1092", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1092" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092", "reference_id": "CVE-2019-1092", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092" }, { "reference_url": "https://github.com/advisories/GHSA-2x75-mf24-588m", "reference_id": "GHSA-2x75-mf24-588m", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2x75-mf24-588m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1092", "GHSA-2x75-mf24-588m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nd4s-mcgx-s3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13516?format=api", "vulnerability_id": "VCID-njsb-3b47-77hk", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06805", "scoring_system": "epss", "scoring_elements": "0.91464", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0771" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0771", "reference_id": "CVE-2019-0771", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0771" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771", "reference_id": "CVE-2019-0771", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771" }, { "reference_url": "https://github.com/advisories/GHSA-fvpg-qx3g-7mp7", "reference_id": "GHSA-fvpg-qx3g-7mp7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fvpg-qx3g-7mp7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0771", "GHSA-fvpg-qx3g-7mp7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njsb-3b47-77hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142951?format=api", "vulnerability_id": "VCID-nn2u-snsx-83hq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04657", "scoring_system": "epss", "scoring_elements": "0.89483", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1103" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/efab3101028045cbfa0cc21bd852f75bcc037dba", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/efab3101028045cbfa0cc21bd852f75bcc037dba" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1103", "reference_id": "CVE-2019-1103", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1103" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103", "reference_id": "CVE-2019-1103", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103" }, { "reference_url": "https://github.com/advisories/GHSA-vmf5-924f-25f2", "reference_id": "GHSA-vmf5-924f-25f2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vmf5-924f-25f2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1103", "GHSA-vmf5-924f-25f2" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nn2u-snsx-83hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13505?format=api", "vulnerability_id": "VCID-nypa-dv6a-aydu", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06805", "scoring_system": "epss", "scoring_elements": "0.91464", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0773" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0773", "reference_id": "CVE-2019-0773", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0773" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773", "reference_id": "CVE-2019-0773", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773" }, { "reference_url": "https://github.com/advisories/GHSA-3w9q-c44j-37jj", "reference_id": "GHSA-3w9q-c44j-37jj", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3w9q-c44j-37jj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0773", "GHSA-3w9q-c44j-37jj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nypa-dv6a-aydu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151081?format=api", "vulnerability_id": "VCID-pusx-pa1h-yyfu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05205", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0710" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/d89802674a591904c971f2d92b96b8f40839e7c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/d89802674a591904c971f2d92b96b8f40839e7c7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0710", "reference_id": "CVE-2020-0710", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0710" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710", "reference_id": "CVE-2020-0710", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0710", "GHSA-67xp-4726-4978" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pusx-pa1h-yyfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13703?format=api", "vulnerability_id": "VCID-pxev-85t8-fug6", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nAn information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0990.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12446", "scoring_system": "epss", "scoring_elements": "0.94027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1023" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1023", "reference_id": "CVE-2019-1023", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1023" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023", "reference_id": "CVE-2019-1023", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57205?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.10" } ], "aliases": [ "CVE-2019-1023" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxev-85t8-fug6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143134?format=api", "vulnerability_id": "VCID-qndq-e3vk-ybeu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03843", "scoring_system": "epss", "scoring_elements": "0.88382", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1300" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/95b3e3400afb8fa20743657f3a8057fb451e6f69", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/95b3e3400afb8fa20743657f3a8057fb451e6f69" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1300", "reference_id": "CVE-2019-1300", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1300" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1300", "reference_id": "CVE-2019-1300", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1300" }, { "reference_url": "https://github.com/advisories/GHSA-grvw-q343-58wh", "reference_id": "GHSA-grvw-q343-58wh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-grvw-q343-58wh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1300", "GHSA-grvw-q343-58wh" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qndq-e3vk-ybeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143076?format=api", "vulnerability_id": "VCID-r16a-n5nn-nybp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04538", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1237" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/31f2588c7ba5b446bccf2769e9ecf4d444b73045", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/31f2588c7ba5b446bccf2769e9ecf4d444b73045" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1237", "reference_id": "CVE-2019-1237", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1237" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1237", "reference_id": "CVE-2019-1237", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1237" }, { "reference_url": "https://github.com/advisories/GHSA-q99r-j969-6jwr", "reference_id": "GHSA-q99r-j969-6jwr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q99r-j969-6jwr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1237", "GHSA-q99r-j969-6jwr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r16a-n5nn-nybp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13609?format=api", "vulnerability_id": "VCID-rffd-vnyj-puc3", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0922" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/a9ab1aae31078e80593b9227db11d316c2239ef3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/a9ab1aae31078e80593b9227db11d316c2239ef3" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0922", "reference_id": "CVE-2019-0922", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0922" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922", "reference_id": "CVE-2019-0922", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922" }, { "reference_url": "https://github.com/advisories/GHSA-hrmm-f4j8-8vxc", "reference_id": "GHSA-hrmm-f4j8-8vxc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hrmm-f4j8-8vxc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0922", "GHSA-hrmm-f4j8-8vxc" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rffd-vnyj-puc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13512?format=api", "vulnerability_id": "VCID-rkns-keya-cyfj", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06805", "scoring_system": "epss", "scoring_elements": "0.91464", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0769" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0769", "reference_id": "CVE-2019-0769", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0769" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769", "reference_id": "CVE-2019-0769", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769" }, { "reference_url": "https://github.com/advisories/GHSA-8qh8-cv77-h83g", "reference_id": "GHSA-8qh8-cv77-h83g", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8qh8-cv77-h83g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0769", "GHSA-8qh8-cv77-h83g" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkns-keya-cyfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13499?format=api", "vulnerability_id": "VCID-rnva-ys32-7kbu", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0611.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0592", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44847", "scoring_system": "epss", "scoring_elements": "0.97641", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0592" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0592", "reference_id": "CVE-2019-0592", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0592" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592", "reference_id": "CVE-2019-0592", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592" }, { "reference_url": "https://github.com/advisories/GHSA-fv38-4c3m-25v8", "reference_id": "GHSA-fv38-4c3m-25v8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fv38-4c3m-25v8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0592", "GHSA-fv38-4c3m-25v8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rnva-ys32-7kbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143242?format=api", "vulnerability_id": "VCID-rxgn-xep7-fya7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06916", "scoring_system": "epss", "scoring_elements": "0.91539", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1428" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1428", "reference_id": "CVE-2019-1428", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1428" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428", "reference_id": "CVE-2019-1428", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/154849?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.15" } ], "aliases": [ "CVE-2019-1428" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rxgn-xep7-fya7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13522?format=api", "vulnerability_id": "VCID-t8bg-6rsw-ebf8", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0806" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/50d1e46aac450f236927b309854e77fce4acd49f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/50d1e46aac450f236927b309854e77fce4acd49f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0806", "reference_id": "CVE-2019-0806", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0806" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806", "reference_id": "CVE-2019-0806", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806" }, { "reference_url": "https://github.com/advisories/GHSA-hg36-rmmm-hc5r", "reference_id": "GHSA-hg36-rmmm-hc5r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hg36-rmmm-hc5r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0806", "GHSA-hg36-rmmm-hc5r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8bg-6rsw-ebf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13616?format=api", "vulnerability_id": "VCID-tnh1-zjdq-6qhd", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0933" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/1a550c67b33b27675c0553152cabd09e4ffe3abf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/1a550c67b33b27675c0553152cabd09e4ffe3abf" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0933", "reference_id": "CVE-2019-0933", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0933" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933", "reference_id": "CVE-2019-0933", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933" }, { "reference_url": "https://github.com/advisories/GHSA-5rq8-3wvf-wrfg", "reference_id": "GHSA-5rq8-3wvf-wrfg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5rq8-3wvf-wrfg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0933", "GHSA-5rq8-3wvf-wrfg" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tnh1-zjdq-6qhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143139?format=api", "vulnerability_id": "VCID-tnhg-2f5h-cfaa", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85905", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1307" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/3fe5e24694729966a157dc613f5586a6c75f1e9b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/3fe5e24694729966a157dc613f5586a6c75f1e9b" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/cc871514deeaeaedb5b757c2ca8cd4ab9abccb5d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/cc871514deeaeaedb5b757c2ca8cd4ab9abccb5d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1307", "reference_id": "CVE-2019-1307", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1307" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307", "reference_id": "CVE-2019-1307", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307" }, { "reference_url": "https://github.com/advisories/GHSA-6j89-jhpr-849f", "reference_id": "GHSA-6j89-jhpr-849f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6j89-jhpr-849f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146719?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.14" } ], "aliases": [ "CVE-2019-1307", "GHSA-6j89-jhpr-849f" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tnhg-2f5h-cfaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142955?format=api", "vulnerability_id": "VCID-vxjj-cqyk-w3hd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04657", "scoring_system": "epss", "scoring_elements": "0.89483", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1107" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/214dec9461f9acb9a4b9004368d2a81e0c125652", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/214dec9461f9acb9a4b9004368d2a81e0c125652" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1107", "reference_id": "CVE-2019-1107", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1107" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107", "reference_id": "CVE-2019-1107", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107" }, { "reference_url": "https://github.com/advisories/GHSA-5rcr-q3rx-j7vr", "reference_id": "GHSA-5rcr-q3rx-j7vr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5rcr-q3rx-j7vr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1107", "GHSA-5rcr-q3rx-j7vr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxjj-cqyk-w3hd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13605?format=api", "vulnerability_id": "VCID-x6wa-636e-zugv", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0914" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0914", "reference_id": "CVE-2019-0914", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0914" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914", "reference_id": "CVE-2019-0914", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914" }, { "reference_url": "https://github.com/advisories/GHSA-h6wf-hvwc-fm77", "reference_id": "GHSA-h6wf-hvwc-fm77", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h6wf-hvwc-fm77" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0914", "GHSA-h6wf-hvwc-fm77" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6wa-636e-zugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13611?format=api", "vulnerability_id": "VCID-xkm6-uy8d-x3cq", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0916" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0916", "reference_id": "CVE-2019-0916", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0916" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916", "reference_id": "CVE-2019-0916", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916" }, { "reference_url": "https://github.com/advisories/GHSA-7423-5qfm-g648", "reference_id": "GHSA-7423-5qfm-g648", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7423-5qfm-g648" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0916", "GHSA-7423-5qfm-g648" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xkm6-uy8d-x3cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13606?format=api", "vulnerability_id": "VCID-yabf-1cc1-v7dk", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0912" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/936a5af1c07e0fdec9aab85c05339dabe4aaeeb1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/936a5af1c07e0fdec9aab85c05339dabe4aaeeb1" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0912", "reference_id": "CVE-2019-0912", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0912" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912", "reference_id": "CVE-2019-0912", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912" }, { "reference_url": "https://github.com/advisories/GHSA-w89r-qch4-8jv5", "reference_id": "GHSA-w89r-qch4-8jv5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w89r-qch4-8jv5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0912", "GHSA-w89r-qch4-8jv5" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yabf-1cc1-v7dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142856?format=api", "vulnerability_id": "VCID-z6hg-axpc-1qht", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04059", "scoring_system": "epss", "scoring_elements": "0.88721", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1001" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1001", "reference_id": "CVE-2019-1001", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1001" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001", "reference_id": "CVE-2019-1001", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1001" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6hg-axpc-1qht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13517?format=api", "vulnerability_id": "VCID-zptc-hpne-x7at", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0739" }, { "reference_url": "http://www.securityfocus.com/bid/107708", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107708" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0739", "reference_id": "CVE-2019-0739", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0739" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739", "reference_id": "CVE-2019-0739", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0739" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zptc-hpne-x7at" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13421?format=api", "vulnerability_id": "VCID-1hm4-8j3z-gbe8", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0590", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0590" }, { "reference_url": "http://www.securityfocus.com/bid/106934", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106934" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0590", "reference_id": "CVE-2019-0590", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0590" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590", "reference_id": "CVE-2019-0590", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0590" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hm4-8j3z-gbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13418?format=api", "vulnerability_id": "VCID-1xjh-99vu-vyf6", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0640", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0640" }, { "reference_url": "http://www.securityfocus.com/bid/106910", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106910" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0640", "reference_id": "CVE-2019-0640", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0640" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640", "reference_id": "CVE-2019-0640", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0640" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1xjh-99vu-vyf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13415?format=api", "vulnerability_id": "VCID-6yew-52pk-nfe9", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0607" }, { "reference_url": "http://www.securityfocus.com/bid/106907", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106907" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0607", "reference_id": "CVE-2019-0607", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0607" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607", "reference_id": "CVE-2019-0607", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0607" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6yew-52pk-nfe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13410?format=api", "vulnerability_id": "VCID-7trr-1jwb-zufw", "summary": "Privilege Escalation\nAn information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0658", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27849", "scoring_system": "epss", "scoring_elements": "0.96543", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0658" }, { "reference_url": "http://www.securityfocus.com/bid/106882", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106882" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0658", "reference_id": "CVE-2019-0658", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0658" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658", "reference_id": "CVE-2019-0658", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0658" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7trr-1jwb-zufw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13417?format=api", "vulnerability_id": "VCID-8jd7-9g2p-xqec", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0651", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08962", "scoring_system": "epss", "scoring_elements": "0.9273", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0651" }, { "reference_url": "http://www.securityfocus.com/bid/106902", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106902" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0651", "reference_id": "CVE-2019-0651", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0651" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651", "reference_id": "CVE-2019-0651", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0651" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jd7-9g2p-xqec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13424?format=api", "vulnerability_id": "VCID-9u2d-1vj5-sfbf", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0610", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0610" }, { "reference_url": "http://www.securityfocus.com/bid/106908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106908" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0610", "reference_id": "CVE-2019-0610", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0610" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610", "reference_id": "CVE-2019-0610", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0610" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9u2d-1vj5-sfbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13411?format=api", "vulnerability_id": "VCID-cmad-nxc3-3ugn", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08962", "scoring_system": "epss", "scoring_elements": "0.9273", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0655" }, { "reference_url": "http://www.securityfocus.com/bid/106912", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106912" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0655", "reference_id": "CVE-2019-0655", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0655" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655", "reference_id": "CVE-2019-0655", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0655" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cmad-nxc3-3ugn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13413?format=api", "vulnerability_id": "VCID-gyyj-1jxm-vfbu", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0593", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41246", "scoring_system": "epss", "scoring_elements": "0.97462", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0593" }, { "reference_url": "http://www.securityfocus.com/bid/106936", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106936" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0593", "reference_id": "CVE-2019-0593", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0593" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593", "reference_id": "CVE-2019-0593", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0593" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gyyj-1jxm-vfbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13420?format=api", "vulnerability_id": "VCID-hagb-nxwq-tbg3", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0642" }, { "reference_url": "http://www.securityfocus.com/bid/106911", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106911" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0642", "reference_id": "CVE-2019-0642", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0642" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642", "reference_id": "CVE-2019-0642", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0642" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hagb-nxwq-tbg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13416?format=api", "vulnerability_id": "VCID-mczu-b3e6-5bgb", "summary": "Privilege Escalation\nA vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0649", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09543", "scoring_system": "epss", "scoring_elements": "0.92986", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0649" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/beba75a1aed0933cf3c76efb4dc67529dc035901", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/beba75a1aed0933cf3c76efb4dc67529dc035901" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5936", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5936" }, { "reference_url": "https://web.archive.org/web/20210125001406/https://www.securityfocus.com/bid/106877", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125001406/https://www.securityfocus.com/bid/106877" }, { "reference_url": "https://web.archive.org/web/20210125001406/https://www.securityfocus.com/bid/106877/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20210125001406/https://www.securityfocus.com/bid/106877/" }, { "reference_url": "http://www.securityfocus.com/bid/106877", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106877" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0649", "reference_id": "CVE-2019-0649", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0649" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649", "reference_id": "CVE-2019-0649", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649" }, { "reference_url": "https://github.com/advisories/GHSA-6c6r-39cv-x5fq", "reference_id": "GHSA-6c6r-39cv-x5fq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6c6r-39cv-x5fq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0649", "GHSA-6c6r-39cv-x5fq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mczu-b3e6-5bgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13423?format=api", "vulnerability_id": "VCID-sqfw-zhmk-mkbe", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0591" }, { "reference_url": "http://www.securityfocus.com/bid/106935", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106935" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0591", "reference_id": "CVE-2019-0591", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0591" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591", "reference_id": "CVE-2019-0591", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0591" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sqfw-zhmk-mkbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13412?format=api", "vulnerability_id": "VCID-udcs-da57-q7hs", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0652", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0652" }, { "reference_url": "http://www.securityfocus.com/bid/106903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106903" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0652", "reference_id": "CVE-2019-0652", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0652" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652", "reference_id": "CVE-2019-0652", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0652" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-udcs-da57-q7hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13422?format=api", "vulnerability_id": "VCID-vser-kewx-akh4", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0644", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0644" }, { "reference_url": "http://www.securityfocus.com/bid/106889", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106889" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0644", "reference_id": "CVE-2019-0644", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0644" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644", "reference_id": "CVE-2019-0644", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0644" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vser-kewx-akh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13419?format=api", "vulnerability_id": "VCID-w2kf-rnn3-huc8", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1067", "scoring_system": "epss", "scoring_elements": "0.93432", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0605" }, { "reference_url": "http://www.securityfocus.com/bid/106905", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106905" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0605", "reference_id": "CVE-2019-0605", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0605" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605", "reference_id": "CVE-2019-0605", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0605" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w2kf-rnn3-huc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15867?format=api", "vulnerability_id": "VCID-xkdp-evty-rubw", "summary": "ChakraCore information disclosure vulnerability\nAn information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created. The update addresses the vulnerability by changing the way certain functions handle objects in memory, aka Scripting Engine Information Disclosure Vulnerability. This CVE ID is unique from CVE-2019-0658.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0648", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14171", "scoring_system": "epss", "scoring_elements": "0.9449", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0648" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/1a7790f873b1a73d1cfec9548eb08a3b9fd798f3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/1a7790f873b1a73d1cfec9548eb08a3b9fd798f3" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5936", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5936" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5936/commits/1a7790f873b1a73d1cfec9548eb08a3b9fd798f3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/chakra-core/ChakraCore/pull/5936/commits/1a7790f873b1a73d1cfec9548eb08a3b9fd798f3" }, { "reference_url": "https://web.archive.org/web/20210729110650/http://www.securityfocus.com/bid/106885", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210729110650/http://www.securityfocus.com/bid/106885" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0648", "reference_id": "CVE-2019-0648", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0648" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0648", "reference_id": "CVE-2019-0648", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0648" }, { "reference_url": "https://github.com/advisories/GHSA-wwfw-m54g-gv72", "reference_id": "GHSA-wwfw-m54g-gv72", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wwfw-m54g-gv72" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0648", "GHSA-wwfw-m54g-gv72" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xkdp-evty-rubw" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" }