Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/61792?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "type": "nuget", "namespace": "", "name": "Microsoft.ChakraCore", "version": "1.2.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.11.16", "latest_non_vulnerable_version": "1.11.23", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13604?format=api", "vulnerability_id": "VCID-18bt-p9bu-7kcg", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0937" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7827e117753052d479fabe19a25cfece88059bca", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7827e117753052d479fabe19a25cfece88059bca" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0937", "reference_id": "CVE-2019-0937", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0937" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937", "reference_id": "CVE-2019-0937", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937" }, { "reference_url": "https://github.com/advisories/GHSA-8gvg-8vhf-h26g", "reference_id": "GHSA-8gvg-8vhf-h26g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8gvg-8vhf-h26g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0937", "GHSA-8gvg-8vhf-h26g" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18bt-p9bu-7kcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11974?format=api", "vulnerability_id": "VCID-18cy-ef2d-sfgs", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server R2 SP1, Windows and Windows RT, Windows Server R2, Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, and CVE-2017-11916.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20533", "scoring_system": "epss", "scoring_elements": "0.95672", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11930" }, { "reference_url": "http://www.securityfocus.com/bid/102058", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102058" }, { "reference_url": "http://www.securitytracker.com/id/1039991", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039991" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11930", "reference_id": "CVE-2017-11930", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11930" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11930", "reference_id": "CVE-2017-11930", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11930" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11930" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18cy-ef2d-sfgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12021?format=api", "vulnerability_id": "VCID-193r-rk9b-73a7", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0773" }, { "reference_url": "http://www.securityfocus.com/bid/102398", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102398" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0773", "reference_id": "CVE-2018-0773", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0773" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0773", "reference_id": "CVE-2018-0773", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0773" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0773" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-193r-rk9b-73a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11526?format=api", "vulnerability_id": "VCID-19s3-6hk5-zydp", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nA remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\".", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8658", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33566", "scoring_system": "epss", "scoring_elements": "0.97016", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8658" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/2500e1cdc12cb35af73d5c8c9b85656aba6bab4d", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/2500e1cdc12cb35af73d5c8c9b85656aba6bab4d" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/3509", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/3509" }, { "reference_url": "https://web.archive.org/web/20210124090857/http://www.securityfocus.com/bid/100036", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124090857/http://www.securityfocus.com/bid/100036" }, { "reference_url": "http://www.securityfocus.com/bid/100036", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100036" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8658", "reference_id": "CVE-2017-8658", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8658" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8658", "reference_id": "CVE-2017-8658", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8658" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213906?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.6.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/52924?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.1" } ], "aliases": [ "CVE-2017-8658", "GHSA-8v2h-4jpm-3wfm" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-19s3-6hk5-zydp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143056?format=api", "vulnerability_id": "VCID-1d4d-6ycn-kfbg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04538", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1217" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b75847eb1ef4136d49e119c072266d8874a6e41e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b75847eb1ef4136d49e119c072266d8874a6e41e" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1217", "reference_id": "CVE-2019-1217", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1217" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1217", "reference_id": "CVE-2019-1217", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1217" }, { "reference_url": "https://github.com/advisories/GHSA-pcgf-qjx2-qv4q", "reference_id": "GHSA-pcgf-qjx2-qv4q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pcgf-qjx2-qv4q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1217", "GHSA-pcgf-qjx2-qv4q" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1d4d-6ycn-kfbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12785?format=api", "vulnerability_id": "VCID-1fvy-afaq-7ffz", "summary": "Access of Resource Using Incompatible Type ('Type Confusion')\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76284", "scoring_system": "epss", "scoring_elements": "0.98953", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8291" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/c322694178ece209b0aa73eafd97a036def86eb1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/c322694178ece209b0aa73eafd97a036def86eb1" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5444", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5444" }, { "reference_url": "https://web.archive.org/web/20210124183732/http://www.securityfocus.com/bid/104637", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124183732/http://www.securityfocus.com/bid/104637" }, { "reference_url": "https://web.archive.org/web/20210515050150/http://www.securitytracker.com/id/1041258", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210515050150/http://www.securitytracker.com/id/1041258" }, { "reference_url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://www.exploit-db.com/exploits/45215", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/45215" }, { "reference_url": "https://www.exploit-db.com/exploits/45215/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45215/" }, { "reference_url": "http://www.securityfocus.com/bid/104637", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104637" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "http://www.securitytracker.com/id/1041258", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041258" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1576", "reference_id": "CVE-2018-8291", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1576" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45215.js", "reference_id": "CVE-2018-8291", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45215.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8291", "reference_id": "CVE-2018-8291", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8291" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291", "reference_id": "CVE-2018-8291", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291" }, { "reference_url": "https://github.com/advisories/GHSA-j67m-wpv6-pv44", "reference_id": "GHSA-j67m-wpv6-pv44", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j67m-wpv6-pv44" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" } ], "aliases": [ "CVE-2018-8291", "GHSA-j67m-wpv6-pv44" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1fvy-afaq-7ffz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13421?format=api", "vulnerability_id": "VCID-1hm4-8j3z-gbe8", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0590", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0590" }, { "reference_url": "http://www.securityfocus.com/bid/106934", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106934" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0590", "reference_id": "CVE-2019-0590", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0590" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590", "reference_id": "CVE-2019-0590", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0590" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hm4-8j3z-gbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12020?format=api", "vulnerability_id": "VCID-1mqn-qxsq-gfb5", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0768" }, { "reference_url": "http://www.securityfocus.com/bid/102395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102395" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0768", "reference_id": "CVE-2018-0768", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0768" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0768", "reference_id": "CVE-2018-0768", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0768" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0768" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1mqn-qxsq-gfb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12314?format=api", "vulnerability_id": "VCID-1txb-sjay-ukfb", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76997", "scoring_system": "epss", "scoring_elements": "0.98984", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0953" }, { "reference_url": "https://www.exploit-db.com/exploits/44694/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44694/" }, { "reference_url": "http://www.securityfocus.com/bid/103990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103990" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1531", "reference_id": "CVE-2018-0953", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1531" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44694.js", "reference_id": "CVE-2018-0953", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44694.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0953", "reference_id": "CVE-2018-0953", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0953" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0953", "reference_id": "CVE-2018-0953", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0953" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" } ], "aliases": [ "CVE-2018-0953" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1txb-sjay-ukfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11964?format=api", "vulnerability_id": "VCID-1xh6-cjvx-4bej", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Windows, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73993", "scoring_system": "epss", "scoring_elements": "0.98854", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11909" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/0e4566a4c394cb69834719704a05aa17101ae3f5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/0e4566a4c394cb69834719704a05aa17101ae3f5" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122714/http://www.securityfocus.com/bid/102085", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122714/http://www.securityfocus.com/bid/102085" }, { "reference_url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://www.exploit-db.com/exploits/43467", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/43467" }, { "reference_url": "https://www.exploit-db.com/exploits/43467/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43467/" }, { "reference_url": "http://www.securityfocus.com/bid/102085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102085" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1384", "reference_id": "CVE-2017-11909", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1384" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43467.js", "reference_id": "CVE-2017-11909", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43467.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11909", "reference_id": "CVE-2017-11909", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11909" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11909", "reference_id": "CVE-2017-11909", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11909" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11909", "GHSA-9qpf-v72j-j9qh" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1xh6-cjvx-4bej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13418?format=api", "vulnerability_id": "VCID-1xjh-99vu-vyf6", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0640", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0640" }, { "reference_url": "http://www.securityfocus.com/bid/106910", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106910" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0640", "reference_id": "CVE-2019-0640", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0640" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640", "reference_id": "CVE-2019-0640", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0640" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1xjh-99vu-vyf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142983?format=api", "vulnerability_id": "VCID-27q5-85wq-ayhx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04538", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1138" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/1e5d3f5e4f4feb37a6844f654d351ddcc53e2046", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/1e5d3f5e4f4feb37a6844f654d351ddcc53e2046" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1138", "reference_id": "CVE-2019-1138", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1138" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1138", "reference_id": "CVE-2019-1138", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1138" }, { "reference_url": "https://github.com/advisories/GHSA-pwpr-vp2v-99xw", "reference_id": "GHSA-pwpr-vp2v-99xw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pwpr-vp2v-99xw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1138", "GHSA-pwpr-vp2v-99xw" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-27q5-85wq-ayhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13501?format=api", "vulnerability_id": "VCID-2jw8-vq79-3yc4", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90873", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0609" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0609", "reference_id": "CVE-2019-0609", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0609" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609", "reference_id": "CVE-2019-0609", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609" }, { "reference_url": "https://github.com/advisories/GHSA-pjpj-f6r8-56rm", "reference_id": "GHSA-pjpj-f6r8-56rm", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pjpj-f6r8-56rm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0609", "GHSA-pjpj-f6r8-56rm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jw8-vq79-3yc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12313?format=api", "vulnerability_id": "VCID-2ry8-tv1k-pyb3", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8145.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26113", "scoring_system": "epss", "scoring_elements": "0.96379", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8177" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/eb4b00bcd61a56d5ac66f4155870cba3178d3273", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/eb4b00bcd61a56d5ac66f4155870cba3178d3273" }, { "reference_url": "https://web.archive.org/web/20210124164218/http://www.securityfocus.com/bid/103967", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124164218/http://www.securityfocus.com/bid/103967" }, { "reference_url": "http://www.securityfocus.com/bid/104090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104090" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8177", "reference_id": "CVE-2018-8177", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8177" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8177", "reference_id": "CVE-2018-8177", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8177" }, { "reference_url": "https://github.com/advisories/GHSA-7cc5-cqmx-9v7g", "reference_id": "GHSA-7cc5-cqmx-9v7g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7cc5-cqmx-9v7g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-8177", "GHSA-7cc5-cqmx-9v7g" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ry8-tv1k-pyb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11978?format=api", "vulnerability_id": "VCID-2x6n-tg25-wkc4", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11908" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/39eecff7daecce96088f7ed737f145ee4774faa6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/39eecff7daecce96088f7ed737f145ee4774faa6" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122457/http://www.securityfocus.com/bid/102052", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122457/http://www.securityfocus.com/bid/102052" }, { "reference_url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990" }, { "reference_url": "http://www.securityfocus.com/bid/102052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102052" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11908", "reference_id": "CVE-2017-11908", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11908" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11908", "reference_id": "CVE-2017-11908", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11908" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11908", "GHSA-923j-972p-hchf" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2x6n-tg25-wkc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12695?format=api", "vulnerability_id": "VCID-3r3s-nrc8-sbe6", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8229.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21096", "scoring_system": "epss", "scoring_elements": "0.95754", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8227" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/8af718902bfdc23bdce67d013eb25bd73773e306", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/8af718902bfdc23bdce67d013eb25bd73773e306" }, { "reference_url": "https://web.archive.org/web/20210124174712/http://www.securityfocus.com/bid/104368", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124174712/http://www.securityfocus.com/bid/104368" }, { "reference_url": "https://web.archive.org/web/20210927135934/http://www.securitytracker.com/id/1041097", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210927135934/http://www.securitytracker.com/id/1041097" }, { "reference_url": "http://www.securityfocus.com/bid/104368", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104368" }, { "reference_url": "http://www.securitytracker.com/id/1041097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041097" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8227", "reference_id": "CVE-2018-8227", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8227" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8227", "reference_id": "CVE-2018-8227", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8227" }, { "reference_url": "https://github.com/advisories/GHSA-gqh4-4r89-pr95", "reference_id": "GHSA-gqh4-4r89-pr95", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gqh4-4r89-pr95" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/76912?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.5" } ], "aliases": [ "CVE-2018-8227", "GHSA-gqh4-4r89-pr95" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3r3s-nrc8-sbe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151082?format=api", "vulnerability_id": "VCID-431z-8875-d7fr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05205", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0711" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/a9aee51164faa28ca8617746d1d99ea3f1e75e65", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/a9aee51164faa28ca8617746d1d99ea3f1e75e65" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0711", "reference_id": "CVE-2020-0711", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0711" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711", "reference_id": "CVE-2020-0711", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0711", "GHSA-63fw-7jgf-5hwv" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-431z-8875-d7fr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13498?format=api", "vulnerability_id": "VCID-46f5-3qcs-ckcw", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0592.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0611", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0611" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0611", "reference_id": "CVE-2019-0611", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0611" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611", "reference_id": "CVE-2019-0611", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611" }, { "reference_url": "https://github.com/advisories/GHSA-7ph8-f946-q5r7", "reference_id": "GHSA-7ph8-f946-q5r7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7ph8-f946-q5r7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0611", "GHSA-7ph8-f946-q5r7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-46f5-3qcs-ckcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11786?format=api", "vulnerability_id": "VCID-4jw5-n3pz-zuhf", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11797", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26105", "scoring_system": "epss", "scoring_elements": "0.96377", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11797" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/9a3ad7ccba1fae1549e21369982d59d45a2ab6cf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/9a3ad7ccba1fae1549e21369982d59d45a2ab6cf" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/3917", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/3917" }, { "reference_url": "https://web.archive.org/web/20210124110143/http://www.securityfocus.com/bid/101145", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124110143/http://www.securityfocus.com/bid/101145" }, { "reference_url": "http://www.securityfocus.com/bid/101145", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101145" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11797", "reference_id": "CVE-2017-11797", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11797" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11797", "reference_id": "CVE-2017-11797", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11797" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53398?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.3" } ], "aliases": [ "CVE-2017-11797", "GHSA-hrf4-ww4w-6rv6" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4jw5-n3pz-zuhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13509?format=api", "vulnerability_id": "VCID-4kr2-wf77-nug4", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14072", "scoring_system": "epss", "scoring_elements": "0.9447", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0810" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/35ee5053bfc3186da193b9cd85e9a5916580bf80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/35ee5053bfc3186da193b9cd85e9a5916580bf80" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6087" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0810", "reference_id": "CVE-2019-0810", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0810" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810", "reference_id": "CVE-2019-0810", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810" }, { "reference_url": "https://github.com/advisories/GHSA-2mmc-5phj-4wjj", "reference_id": "GHSA-2mmc-5phj-4wjj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2mmc-5phj-4wjj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0810", "GHSA-2mmc-5phj-4wjj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4kr2-wf77-nug4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13614?format=api", "vulnerability_id": "VCID-4n9b-ptn2-3ugd", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06863", "scoring_system": "epss", "scoring_elements": "0.91507", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0911" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/a2deba5e1850782014a2a34678464b251e448337", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/a2deba5e1850782014a2a34678464b251e448337" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0911", "reference_id": "CVE-2019-0911", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0911" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911", "reference_id": "CVE-2019-0911", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911" }, { "reference_url": "https://github.com/advisories/GHSA-9735-p6r2-2hgh", "reference_id": "GHSA-9735-p6r2-2hgh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9735-p6r2-2hgh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0911", "GHSA-9735-p6r2-2hgh" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4n9b-ptn2-3ugd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13612?format=api", "vulnerability_id": "VCID-4rr8-ter6-7yaw", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0927" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/87ac2b5a751710ee288fdda3fd4d9818e22387a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/87ac2b5a751710ee288fdda3fd4d9818e22387a1" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0927", "reference_id": "CVE-2019-0927", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0927" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927", "reference_id": "CVE-2019-0927", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927" }, { "reference_url": "https://github.com/advisories/GHSA-37pf-w9ff-gqvm", "reference_id": "GHSA-37pf-w9ff-gqvm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-37pf-w9ff-gqvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0927", "GHSA-37pf-w9ff-gqvm" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rr8-ter6-7yaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12779?format=api", "vulnerability_id": "VCID-523x-9n5w-rqc2", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8290.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18649", "scoring_system": "epss", "scoring_elements": "0.95385", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8294" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7af07fdfb3cf3ac2b21dd71bf565ab1135e62d4d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7af07fdfb3cf3ac2b21dd71bf565ab1135e62d4d" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5444", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5444" }, { "reference_url": "https://web.archive.org/web/20210124183944/http://www.securityfocus.com/bid/104646", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124183944/http://www.securityfocus.com/bid/104646" }, { "reference_url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256" }, { "reference_url": "http://www.securityfocus.com/bid/104646", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104646" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8294", "reference_id": "CVE-2018-8294", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8294" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294", "reference_id": "CVE-2018-8294", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294" }, { "reference_url": "https://github.com/advisories/GHSA-gxxx-j8m7-hh7m", "reference_id": "GHSA-gxxx-j8m7-hh7m", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gxxx-j8m7-hh7m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55054?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" } ], "aliases": [ "CVE-2018-8294", "GHSA-gxxx-j8m7-hh7m" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-523x-9n5w-rqc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12019?format=api", "vulnerability_id": "VCID-532u-w1p6-rycx", "summary": "Out-of-bounds Read\nMicrosoft Edge in Microsoft Windows, and Windows Server allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0780 and CVE-2018-0800.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.75639", "scoring_system": "epss", "scoring_elements": "0.98924", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0767" }, { "reference_url": "https://www.exploit-db.com/exploits/43522/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43522/" }, { "reference_url": "http://www.securityfocus.com/bid/102393", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102393" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1387", "reference_id": "CVE-2018-0767", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1387" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43522.js", "reference_id": "CVE-2018-0767", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43522.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0767", "reference_id": "CVE-2018-0767", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0767" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0767", "reference_id": "CVE-2018-0767", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0767" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0767" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-532u-w1p6-rycx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12318?format=api", "vulnerability_id": "VCID-54xz-xw4u-xqh9", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Internet Explorer 9, ChakraCore, Internet Explorer, Microsoft Edge, Internet Explorer This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16579", "scoring_system": "epss", "scoring_elements": "0.95026", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0954" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/51c46371c917e87bbde77d66abba088309d96a3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/51c46371c917e87bbde77d66abba088309d96a3f" }, { "reference_url": "https://web.archive.org/web/20210124164423/http://www.securityfocus.com/bid/103991", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124164423/http://www.securityfocus.com/bid/103991" }, { "reference_url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844" }, { "reference_url": "http://www.securityfocus.com/bid/103991", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103991" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0954", "reference_id": "CVE-2018-0954", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0954" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0954", "reference_id": "CVE-2018-0954", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0954" }, { "reference_url": "https://github.com/advisories/GHSA-h5hw-qrrw-vfxg", "reference_id": "GHSA-h5hw-qrrw-vfxg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h5hw-qrrw-vfxg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-0954", "GHSA-h5hw-qrrw-vfxg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54xz-xw4u-xqh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13521?format=api", "vulnerability_id": "VCID-558y-9j3b-fyd3", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0861" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b481337f2ae6e92efd919692c6691996947f49ec", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b481337f2ae6e92efd919692c6691996947f49ec" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6087" }, { "reference_url": "https://web.archive.org/web/20210125022152/http://www.securityfocus.com/bid/107724", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125022152/http://www.securityfocus.com/bid/107724" }, { "reference_url": "http://www.securityfocus.com/bid/107724", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107724" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0861", "reference_id": "CVE-2019-0861", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0861" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861", "reference_id": "CVE-2019-0861", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861" }, { "reference_url": "https://github.com/advisories/GHSA-qxmj-3c5h-546c", "reference_id": "GHSA-qxmj-3c5h-546c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qxmj-3c5h-546c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0861", "GHSA-qxmj-3c5h-546c" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-558y-9j3b-fyd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11973?format=api", "vulnerability_id": "VCID-5s8e-w8mp-xydh", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Windows, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73993", "scoring_system": "epss", "scoring_elements": "0.98854", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11893" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/760822c7bf4ffd5e773da14bc35d9c07d672f0c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/760822c7bf4ffd5e773da14bc35d9c07d672f0c7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122701/http://www.securityfocus.com/bid/102081", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122701/http://www.securityfocus.com/bid/102081" }, { "reference_url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://www.exploit-db.com/exploits/43466", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/43466" }, { "reference_url": "https://www.exploit-db.com/exploits/43466/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43466/" }, { "reference_url": "http://www.securityfocus.com/bid/102081", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102081" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1379", "reference_id": "CVE-2017-11893", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1379" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43466.js", "reference_id": "CVE-2017-11893", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43466.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11893", "reference_id": "CVE-2017-11893", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11893" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11893", "reference_id": "CVE-2017-11893", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11893" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11893", "GHSA-c6r3-ghjw-hgrj" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5s8e-w8mp-xydh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12023?format=api", "vulnerability_id": "VCID-63zg-je8v-2yh6", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0778.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0781" }, { "reference_url": "http://www.securityfocus.com/bid/102404", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102404" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0781", "reference_id": "CVE-2018-0781", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0781" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0781", "reference_id": "CVE-2018-0781", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0781" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0781" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-63zg-je8v-2yh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13617?format=api", "vulnerability_id": "VCID-66rk-gaz2-x7et", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0913" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0913", "reference_id": "CVE-2019-0913", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0913" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913", "reference_id": "CVE-2019-0913", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913" }, { "reference_url": "https://github.com/advisories/GHSA-59cj-99cw-rq64", "reference_id": "GHSA-59cj-99cw-rq64", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-59cj-99cw-rq64" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0913", "GHSA-59cj-99cw-rq64" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66rk-gaz2-x7et" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13415?format=api", "vulnerability_id": "VCID-6yew-52pk-nfe9", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0607" }, { "reference_url": "http://www.securityfocus.com/bid/106907", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106907" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0607", "reference_id": "CVE-2019-0607", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0607" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607", "reference_id": "CVE-2019-0607", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0607" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6yew-52pk-nfe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13513?format=api", "vulnerability_id": "VCID-6zfw-kag6-sfhq", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0860" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/9a9ece61b560fe84f451625140bb46d35fb3b045", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/9a9ece61b560fe84f451625140bb46d35fb3b045" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6087" }, { "reference_url": "https://web.archive.org/web/20210724054200/http://www.securityfocus.com/bid/107722", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210724054200/http://www.securityfocus.com/bid/107722" }, { "reference_url": "http://www.securityfocus.com/bid/107722", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107722" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0860", "reference_id": "CVE-2019-0860", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0860" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860", "reference_id": "CVE-2019-0860", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860" }, { "reference_url": "https://github.com/advisories/GHSA-fv87-p7qr-xh5x", "reference_id": "GHSA-fv87-p7qr-xh5x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fv87-p7qr-xh5x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0860", "GHSA-fv87-p7qr-xh5x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zfw-kag6-sfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13504?format=api", "vulnerability_id": "VCID-7sqx-g2jn-9yds", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0860, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0829" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b03a96112fb05158a040caba88919cd70648f09f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b03a96112fb05158a040caba88919cd70648f09f" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6087" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0829", "reference_id": "CVE-2019-0829", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0829" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829", "reference_id": "CVE-2019-0829", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829" }, { "reference_url": "https://github.com/advisories/GHSA-5rq3-9wc9-m9c3", "reference_id": "GHSA-5rq3-9wc9-m9c3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5rq3-9wc9-m9c3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0829", "GHSA-5rq3-9wc9-m9c3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7sqx-g2jn-9yds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13410?format=api", "vulnerability_id": "VCID-7trr-1jwb-zufw", "summary": "Privilege Escalation\nAn information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0658", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27849", "scoring_system": "epss", "scoring_elements": "0.96543", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0658" }, { "reference_url": "http://www.securityfocus.com/bid/106882", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106882" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0658", "reference_id": "CVE-2019-0658", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0658" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658", "reference_id": "CVE-2019-0658", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0658" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7trr-1jwb-zufw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12787?format=api", "vulnerability_id": "VCID-7z5t-cth2-ybe1", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8290, CVE-2018-8294.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18649", "scoring_system": "epss", "scoring_elements": "0.95385", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8286" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/0ac4253cbc2d7f63e638a4930b552814bd64aa5d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/0ac4253cbc2d7f63e638a4930b552814bd64aa5d" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5444", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5444" }, { "reference_url": "https://web.archive.org/web/20210124183857/http://www.securityfocus.com/bid/104643", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124183857/http://www.securityfocus.com/bid/104643" }, { "reference_url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256" }, { "reference_url": "http://www.securityfocus.com/bid/104643", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104643" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8286", "reference_id": "CVE-2018-8286", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8286" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286", "reference_id": "CVE-2018-8286", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286" }, { "reference_url": "https://github.com/advisories/GHSA-vwqh-cmvp-6694", "reference_id": "GHSA-vwqh-cmvp-6694", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vwqh-cmvp-6694" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55054?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" } ], "aliases": [ "CVE-2018-8286", "GHSA-vwqh-cmvp-6694" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7z5t-cth2-ybe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13417?format=api", "vulnerability_id": "VCID-8jd7-9g2p-xqec", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0651", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08962", "scoring_system": "epss", "scoring_elements": "0.9273", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0651" }, { "reference_url": "http://www.securityfocus.com/bid/106902", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106902" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0651", "reference_id": "CVE-2019-0651", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0651" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651", "reference_id": "CVE-2019-0651", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0651" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jd7-9g2p-xqec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12784?format=api", "vulnerability_id": "VCID-8jqz-9eaj-mfaj", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8294.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8290", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18649", "scoring_system": "epss", "scoring_elements": "0.95385", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8290" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/8bd6826aea01ff1af36f2a83fe00c44799ba80cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/8bd6826aea01ff1af36f2a83fe00c44799ba80cb" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5444", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5444" }, { "reference_url": "https://web.archive.org/web/20210125211407/http://www.securityfocus.com/bid/104644", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125211407/http://www.securityfocus.com/bid/104644" }, { "reference_url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256" }, { "reference_url": "http://www.securityfocus.com/bid/104644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104644" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8290", "reference_id": "CVE-2018-8290", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8290" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290", "reference_id": "CVE-2018-8290", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290" }, { "reference_url": "https://github.com/advisories/GHSA-vgxq-xv7f-jxjx", "reference_id": "GHSA-vgxq-xv7f-jxjx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vgxq-xv7f-jxjx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55054?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" } ], "aliases": [ "CVE-2018-8290", "GHSA-vgxq-xv7f-jxjx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jqz-9eaj-mfaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12025?format=api", "vulnerability_id": "VCID-8swk-fket-wkes", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0778" }, { "reference_url": "http://www.securityfocus.com/bid/102403", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102403" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0778", "reference_id": "CVE-2018-0778", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0778" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0778", "reference_id": "CVE-2018-0778", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0778" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0778" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8swk-fket-wkes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143241?format=api", "vulnerability_id": "VCID-99dg-rm43-9qef", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06916", "scoring_system": "epss", "scoring_elements": "0.91539", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1427" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1427", "reference_id": "CVE-2019-1427", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1427" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427", "reference_id": "CVE-2019-1427", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/154849?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.15" } ], "aliases": [ "CVE-2019-1427" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-99dg-rm43-9qef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13424?format=api", "vulnerability_id": "VCID-9u2d-1vj5-sfbf", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0610", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0610" }, { "reference_url": "http://www.securityfocus.com/bid/106908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106908" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0610", "reference_id": "CVE-2019-0610", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0610" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610", "reference_id": "CVE-2019-0610", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0610" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9u2d-1vj5-sfbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12786?format=api", "vulnerability_id": "VCID-9v8t-kbf9-yye5", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8280", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18649", "scoring_system": "epss", "scoring_elements": "0.95385", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8280" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/3ad284acd3c277d2e9b38b96ccfd17968e037526", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/3ad284acd3c277d2e9b38b96ccfd17968e037526" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5444", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5444" }, { "reference_url": "https://web.archive.org/web/20210124183849/http://www.securityfocus.com/bid/104642", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124183849/http://www.securityfocus.com/bid/104642" }, { "reference_url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256" }, { "reference_url": "http://www.securityfocus.com/bid/104642", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104642" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8280", "reference_id": "CVE-2018-8280", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8280" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280", "reference_id": "CVE-2018-8280", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280" }, { "reference_url": "https://github.com/advisories/GHSA-wwm6-r38h-ppg7", "reference_id": "GHSA-wwm6-r38h-ppg7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wwm6-r38h-ppg7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55054?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" } ], "aliases": [ "CVE-2018-8280", "GHSA-wwm6-r38h-ppg7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9v8t-kbf9-yye5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143140?format=api", "vulnerability_id": "VCID-ahe3-4w9p-xfba", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1308", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85905", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1308" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/64376deca69126c2bb05cd87bd5c073aedaf5f9c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/64376deca69126c2bb05cd87bd5c073aedaf5f9c" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/cc871514deeaeaedb5b757c2ca8cd4ab9abccb5d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/cc871514deeaeaedb5b757c2ca8cd4ab9abccb5d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1308", "reference_id": "CVE-2019-1308", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1308" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308", "reference_id": "CVE-2019-1308", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308" }, { "reference_url": "https://github.com/advisories/GHSA-vw2g-5827-m9fp", "reference_id": "GHSA-vw2g-5827-m9fp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vw2g-5827-m9fp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146719?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.14" } ], "aliases": [ "CVE-2019-1308", "GHSA-vw2g-5827-m9fp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahe3-4w9p-xfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11971?format=api", "vulnerability_id": "VCID-b6wu-ubuv-jqeg", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Windows, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73993", "scoring_system": "epss", "scoring_elements": "0.98854", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11911" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/a5d6be626305671166f21db359c1c06a3a372b8b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/a5d6be626305671166f21db359c1c06a3a372b8b" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122722/http://www.securityfocus.com/bid/102087", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122722/http://www.securityfocus.com/bid/102087" }, { "reference_url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://www.exploit-db.com/exploits/43468", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/43468" }, { "reference_url": "https://www.exploit-db.com/exploits/43468/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43468/" }, { "reference_url": "http://www.securityfocus.com/bid/102087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102087" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1385", "reference_id": "CVE-2017-11911", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1385" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43468.js", "reference_id": "CVE-2017-11911", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43468.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11911", "reference_id": "CVE-2017-11911", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11911" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11911", "reference_id": "CVE-2017-11911", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11911" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11911", "GHSA-qfcq-4vv7-9mq7" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b6wu-ubuv-jqeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12022?format=api", "vulnerability_id": "VCID-bmba-t3ga-fuh6", "summary": "Out-of-bounds Read\nMicrosoft Edge in Microsoft Windows Gold, and Windows Server allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0800.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0780", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.75639", "scoring_system": "epss", "scoring_elements": "0.98924", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0780" }, { "reference_url": "https://www.exploit-db.com/exploits/43720/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43720/" }, { "reference_url": "http://www.securityfocus.com/bid/102389", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102389" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1433", "reference_id": "CVE-2018-0780", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1433" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43720.js", "reference_id": "CVE-2018-0780", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43720.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0780", "reference_id": "CVE-2018-0780", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0780" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0780", "reference_id": "CVE-2018-0780", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0780" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0780" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bmba-t3ga-fuh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12026?format=api", "vulnerability_id": "VCID-brne-zr1j-zqdz", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73988", "scoring_system": "epss", "scoring_elements": "0.98852", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0769" }, { "reference_url": "https://www.exploit-db.com/exploits/43710/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43710/" }, { "reference_url": "http://www.securityfocus.com/bid/102396", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102396" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1390", "reference_id": "CVE-2018-0769", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1390" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43710.js", "reference_id": "CVE-2018-0769", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43710.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0769", "reference_id": "CVE-2018-0769", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0769" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0769", "reference_id": "CVE-2018-0769", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0769" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0769" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-brne-zr1j-zqdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12782?format=api", "vulnerability_id": "VCID-btua-a1pr-mbbe", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19011", "scoring_system": "epss", "scoring_elements": "0.95436", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8283" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b2f092ea42744d569fd102e8dd85d5524269bdd0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b2f092ea42744d569fd102e8dd85d5524269bdd0" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5444", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5444" }, { "reference_url": "https://web.archive.org/web/20210125211350/http://www.securityfocus.com/bid/104633", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125211350/http://www.securityfocus.com/bid/104633" }, { "reference_url": "http://www.securityfocus.com/bid/104633", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104633" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8283", "reference_id": "CVE-2018-8283", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8283" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283", "reference_id": "CVE-2018-8283", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283" }, { "reference_url": "https://github.com/advisories/GHSA-ch84-pxpj-7hhm", "reference_id": "GHSA-ch84-pxpj-7hhm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ch84-pxpj-7hhm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" } ], "aliases": [ "CVE-2018-8283", "GHSA-ch84-pxpj-7hhm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-btua-a1pr-mbbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12016?format=api", "vulnerability_id": "VCID-busw-m81p-67ch", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77751", "scoring_system": "epss", "scoring_elements": "0.99018", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0776" }, { "reference_url": "https://www.exploit-db.com/exploits/43723/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43723/" }, { "reference_url": "http://www.securityfocus.com/bid/102401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102401" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1420", "reference_id": "CVE-2018-0776", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1420" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43723.js", "reference_id": "CVE-2018-0776", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43723.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0776", "reference_id": "CVE-2018-0776", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0776" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776", "reference_id": "CVE-2018-0776", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0776" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0776" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-busw-m81p-67ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13411?format=api", "vulnerability_id": "VCID-cmad-nxc3-3ugn", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0655", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08962", "scoring_system": "epss", "scoring_elements": "0.9273", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0655" }, { "reference_url": "http://www.securityfocus.com/bid/106912", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106912" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0655", "reference_id": "CVE-2019-0655", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0655" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655", "reference_id": "CVE-2019-0655", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0655" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cmad-nxc3-3ugn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12309?format=api", "vulnerability_id": "VCID-dc3y-6mb9-6fe1", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.63585", "scoring_system": "epss", "scoring_elements": "0.98436", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0946" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/bee1e247bf6acbc8c862c7fc1d597ce9cab7446e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/bee1e247bf6acbc8c862c7fc1d597ce9cab7446e" }, { "reference_url": "https://web.archive.org/web/20210125210449/https://www.securityfocus.com/bid/103989", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125210449/https://www.securityfocus.com/bid/103989" }, { "reference_url": "https://web.archive.org/web/20210125210449/https://www.securityfocus.com/bid/103989/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20210125210449/https://www.securityfocus.com/bid/103989/" }, { "reference_url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://www.exploit-db.com/exploits/44758", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44758" }, { "reference_url": "https://www.exploit-db.com/exploits/44758/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44758/" }, { "reference_url": "http://www.securityfocus.com/bid/103989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103989" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1534", "reference_id": "CVE-2018-0946", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1534" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44758.html", "reference_id": "CVE-2018-0946", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44758.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0946", "reference_id": "CVE-2018-0946", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0946" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0946", "reference_id": "CVE-2018-0946", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0946" }, { "reference_url": "https://github.com/advisories/GHSA-wc67-4cg3-35wf", "reference_id": "GHSA-wc67-4cg3-35wf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wc67-4cg3-35wf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-0946", "GHSA-wc67-4cg3-35wf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dc3y-6mb9-6fe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12322?format=api", "vulnerability_id": "VCID-dcer-1uh1-a7h9", "summary": "Out-of-bounds Read\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76997", "scoring_system": "epss", "scoring_elements": "0.98984", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8139" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/ee5dfabc51728f97f6d69e89c88af088251b6b76", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/ee5dfabc51728f97f6d69e89c88af088251b6b76" }, { "reference_url": "https://web.archive.org/web/20210124164247/http://www.securityfocus.com/bid/103977", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124164247/http://www.securityfocus.com/bid/103977" }, { "reference_url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://www.exploit-db.com/exploits/45012", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/45012" }, { "reference_url": "https://www.exploit-db.com/exploits/45012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45012/" }, { "reference_url": "http://www.securityfocus.com/bid/103977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103977" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1569&desc=2", "reference_id": "CVE-2018-8139", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1569&desc=2" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45012.js", "reference_id": "CVE-2018-8139", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45012.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8139", "reference_id": "CVE-2018-8139", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8139" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8139", "reference_id": "CVE-2018-8139", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8139" }, { "reference_url": "https://github.com/advisories/GHSA-5hxp-3237-j2hp", "reference_id": "GHSA-5hxp-3237-j2hp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5hxp-3237-j2hp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-8139", "GHSA-5hxp-3237-j2hp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcer-1uh1-a7h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13705?format=api", "vulnerability_id": "VCID-e1b9-bq4b-9fh7", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nAn information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1023.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12446", "scoring_system": "epss", "scoring_elements": "0.94027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0990" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0990", "reference_id": "CVE-2019-0990", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0990" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990", "reference_id": "CVE-2019-0990", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57205?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.10" } ], "aliases": [ "CVE-2019-0990" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e1b9-bq4b-9fh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142912?format=api", "vulnerability_id": "VCID-eygy-bzey-7yaq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1062", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04748", "scoring_system": "epss", "scoring_elements": "0.896", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1062" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7f0d390ad77d838cbb81d4586c83ec822f384ce8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7f0d390ad77d838cbb81d4586c83ec822f384ce8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1062", "reference_id": "CVE-2019-1062", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1062" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062", "reference_id": "CVE-2019-1062", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062" }, { "reference_url": "https://github.com/advisories/GHSA-rh4p-g7x6-8pqg", "reference_id": "GHSA-rh4p-g7x6-8pqg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rh4p-g7x6-8pqg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1062", "GHSA-rh4p-g7x6-8pqg" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eygy-bzey-7yaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12780?format=api", "vulnerability_id": "VCID-f8m6-a9a9-juhw", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer, Microsoft Edge, Internet Explorer This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24465", "scoring_system": "epss", "scoring_elements": "0.96209", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8287" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/fa89a7031e75ca8b4a595765e897e8fc0d9fae76", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/fa89a7031e75ca8b4a595765e897e8fc0d9fae76" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5444", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5444" }, { "reference_url": "https://web.archive.org/web/20210125211352/http://www.securityfocus.com/bid/104634", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125211352/http://www.securityfocus.com/bid/104634" }, { "reference_url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://web.archive.org/web/20220120050525/http://www.securitytracker.com/id/1041258", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220120050525/http://www.securitytracker.com/id/1041258" }, { "reference_url": "http://www.securityfocus.com/bid/104634", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104634" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "http://www.securitytracker.com/id/1041258", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041258" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8287", "reference_id": "CVE-2018-8287", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8287" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287", "reference_id": "CVE-2018-8287", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287" }, { "reference_url": "https://github.com/advisories/GHSA-p97q-j98q-f98w", "reference_id": "GHSA-p97q-j98q-f98w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p97q-j98q-f98w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" } ], "aliases": [ "CVE-2018-8287", "GHSA-p97q-j98q-f98w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f8m6-a9a9-juhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13510?format=api", "vulnerability_id": "VCID-fedc-anrx-ufg2", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44847", "scoring_system": "epss", "scoring_elements": "0.97641", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0812" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/4cb3bbd332f67947fab5f4306d75d0749ea4d5fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/4cb3bbd332f67947fab5f4306d75d0749ea4d5fc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0812", "reference_id": "CVE-2019-0812", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0812" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812", "reference_id": "CVE-2019-0812", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812" }, { "reference_url": "https://github.com/advisories/GHSA-rpfg-xf88-cq5r", "reference_id": "GHSA-rpfg-xf88-cq5r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rpfg-xf88-cq5r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0812", "GHSA-rpfg-xf88-cq5r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fedc-anrx-ufg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143240?format=api", "vulnerability_id": "VCID-fj84-9g1p-vfa5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06916", "scoring_system": "epss", "scoring_elements": "0.91539", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1426" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1426", "reference_id": "CVE-2019-1426", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1426" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426", "reference_id": "CVE-2019-1426", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/154849?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.15" } ], "aliases": [ "CVE-2019-1426" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fj84-9g1p-vfa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151083?format=api", "vulnerability_id": "VCID-fxfn-jq82-n3fy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05205", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0712" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/2e33d8247fbde3b663be5587802bf56942965cad", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/2e33d8247fbde3b663be5587802bf56942965cad" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0712", "reference_id": "CVE-2020-0712", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0712" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712", "reference_id": "CVE-2020-0712", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0712", "GHSA-w6qf-35f2-j6h7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fxfn-jq82-n3fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142954?format=api", "vulnerability_id": "VCID-fzjt-qse7-kbd5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04657", "scoring_system": "epss", "scoring_elements": "0.89483", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1106" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/362e96537af207be3ecf7fa32f338229ee1dcc46", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/362e96537af207be3ecf7fa32f338229ee1dcc46" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1106", "reference_id": "CVE-2019-1106", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1106" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106", "reference_id": "CVE-2019-1106", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106" }, { "reference_url": "https://github.com/advisories/GHSA-mg98-x2cm-4cpf", "reference_id": "GHSA-mg98-x2cm-4cpf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mg98-x2cm-4cpf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1106", "GHSA-mg98-x2cm-4cpf" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fzjt-qse7-kbd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151138?format=api", "vulnerability_id": "VCID-ggf4-u8qd-eff7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42191", "scoring_system": "epss", "scoring_elements": "0.97508", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0767" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/161c8957913ffb48bddef4423998b2eb642f35b3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/161c8957913ffb48bddef4423998b2eb642f35b3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0767", "reference_id": "CVE-2020-0767", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0767" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767", "reference_id": "CVE-2020-0767", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0767", "GHSA-fhc8-h6hr-h9mq" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ggf4-u8qd-eff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11977?format=api", "vulnerability_id": "VCID-gvr1-zbs9-sffy", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Windows, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11905" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d97375c40cfd2b2376a5c4b6cd34098e1e99e1f1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d97375c40cfd2b2376a5c4b6cd34098e1e99e1f1" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122448/http://www.securityfocus.com/bid/102050", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122448/http://www.securityfocus.com/bid/102050" }, { "reference_url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990" }, { "reference_url": "http://www.securityfocus.com/bid/102050", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102050" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11905", "reference_id": "CVE-2017-11905", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11905" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11905", "reference_id": "CVE-2017-11905", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11905", "GHSA-72gm-pp6q-gpx5" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gvr1-zbs9-sffy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13413?format=api", "vulnerability_id": "VCID-gyyj-1jxm-vfbu", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0593", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41246", "scoring_system": "epss", "scoring_elements": "0.97462", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0593" }, { "reference_url": "http://www.securityfocus.com/bid/106936", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106936" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0593", "reference_id": "CVE-2019-0593", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0593" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593", "reference_id": "CVE-2019-0593", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0593" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gyyj-1jxm-vfbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13420?format=api", "vulnerability_id": "VCID-hagb-nxwq-tbg3", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0642" }, { "reference_url": "http://www.securityfocus.com/bid/106911", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106911" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0642", "reference_id": "CVE-2019-0642", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0642" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642", "reference_id": "CVE-2019-0642", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0642" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hagb-nxwq-tbg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12316?format=api", "vulnerability_id": "VCID-hbcj-83rp-jbd4", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.284", "scoring_system": "epss", "scoring_elements": "0.96593", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8130" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/bee1e247bf6acbc8c862c7fc1d597ce9cab7446e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/bee1e247bf6acbc8c862c7fc1d597ce9cab7446e" }, { "reference_url": "https://web.archive.org/web/20210124164256/http://www.securityfocus.com/bid/103981", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124164256/http://www.securityfocus.com/bid/103981" }, { "reference_url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844" }, { "reference_url": "http://www.securityfocus.com/bid/103981", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103981" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8130", "reference_id": "CVE-2018-8130", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8130" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8130", "reference_id": "CVE-2018-8130", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8130" }, { "reference_url": "https://github.com/advisories/GHSA-3fvw-g6mr-w247", "reference_id": "GHSA-3fvw-g6mr-w247", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fvw-g6mr-w247" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-8130", "GHSA-3fvw-g6mr-w247" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hbcj-83rp-jbd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13610?format=api", "vulnerability_id": "VCID-hcfa-1wq4-wyga", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0925" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/32ca10f3955f2a3ca56c6671c721b1264eca06b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/32ca10f3955f2a3ca56c6671c721b1264eca06b8" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0925", "reference_id": "CVE-2019-0925", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0925" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925", "reference_id": "CVE-2019-0925", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925" }, { "reference_url": "https://github.com/advisories/GHSA-v648-p92f-9996", "reference_id": "GHSA-v648-p92f-9996", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v648-p92f-9996" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0925", "GHSA-v648-p92f-9996" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hcfa-1wq4-wyga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143132?format=api", "vulnerability_id": "VCID-hdpy-kfn8-sbba", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1298", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04538", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1298" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/fe8f981f8e426ff61159e750a368e94ecbb87782", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/fe8f981f8e426ff61159e750a368e94ecbb87782" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1298", "reference_id": "CVE-2019-1298", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1298" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1298", "reference_id": "CVE-2019-1298", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1298" }, { "reference_url": "https://github.com/advisories/GHSA-2452-3rwv-x89c", "reference_id": "GHSA-2452-3rwv-x89c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2452-3rwv-x89c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1298", "GHSA-2452-3rwv-x89c" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hdpy-kfn8-sbba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13607?format=api", "vulnerability_id": "VCID-je2z-mcvk-gqhp", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0924" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/6615113a09c0618ecc10e5680ffb978bf665641f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/6615113a09c0618ecc10e5680ffb978bf665641f" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0924", "reference_id": "CVE-2019-0924", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0924" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924", "reference_id": "CVE-2019-0924", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924" }, { "reference_url": "https://github.com/advisories/GHSA-prxj-c66c-4gcf", "reference_id": "GHSA-prxj-c66c-4gcf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-prxj-c66c-4gcf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0924", "GHSA-prxj-c66c-4gcf" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-je2z-mcvk-gqhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11788?format=api", "vulnerability_id": "VCID-jerx-5eyv-ebeq", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Microsoft Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11812, and CVE-2017-11821.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11811", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.74043", "scoring_system": "epss", "scoring_elements": "0.98858", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11811" }, { "reference_url": "https://www.exploit-db.com/exploits/43152/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43152/" }, { "reference_url": "http://www.securityfocus.com/bid/101138", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101138" }, { "reference_url": "http://www.securitytracker.com/id/1039529", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039529" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1341&desc=3", "reference_id": "CVE-2017-11811", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1341&desc=3" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43152.js", "reference_id": "CVE-2017-11811", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43152.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11811", "reference_id": "CVE-2017-11811", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11811" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11811", "reference_id": "CVE-2017-11811", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11811" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53398?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.3" } ], "aliases": [ "CVE-2017-11811" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jerx-5eyv-ebeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13515?format=api", "vulnerability_id": "VCID-jmx4-vvk4-ykdk", "summary": "Integer Overflow or Wraparound\nA remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0639", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17995", "scoring_system": "epss", "scoring_elements": "0.95275", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0639" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0639", "reference_id": "CVE-2019-0639", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0639" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639", "reference_id": "CVE-2019-0639", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639" }, { "reference_url": "https://github.com/advisories/GHSA-6jf5-rmhv-38cw", "reference_id": "GHSA-6jf5-rmhv-38cw", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6jf5-rmhv-38cw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0639", "GHSA-6jf5-rmhv-38cw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmx4-vvk4-ykdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12024?format=api", "vulnerability_id": "VCID-kbee-zr5j-hkat", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77751", "scoring_system": "epss", "scoring_elements": "0.99018", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0770" }, { "reference_url": "https://www.exploit-db.com/exploits/44075/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44075/" }, { "reference_url": "http://www.securityfocus.com/bid/102397", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102397" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1434", "reference_id": "CVE-2018-0770", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1434" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44075.txt", "reference_id": "CVE-2018-0770", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44075.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0770", "reference_id": "CVE-2018-0770", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0770" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0770", "reference_id": "CVE-2018-0770", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0770" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0770" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kbee-zr5j-hkat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151084?format=api", "vulnerability_id": "VCID-keaw-uz84-9qer", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05205", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0713" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/c7999d938d51cc44cd92dcf79b95a2ef8d3e2182", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/c7999d938d51cc44cd92dcf79b95a2ef8d3e2182" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0713", "reference_id": "CVE-2020-0713", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0713" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713", "reference_id": "CVE-2020-0713", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0713", "GHSA-g6mc-8679-ghx9" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-keaw-uz84-9qer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11969?format=api", "vulnerability_id": "VCID-kua2-9yb8-gkgq", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11910" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/40232a443c6316a58941572b0a4776b0677975ca", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/40232a443c6316a58941572b0a4776b0677975ca" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122716/http://www.securityfocus.com/bid/102086", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122716/http://www.securityfocus.com/bid/102086" }, { "reference_url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990" }, { "reference_url": "http://www.securityfocus.com/bid/102086", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102086" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11910", "reference_id": "CVE-2017-11910", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11910" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11910", "reference_id": "CVE-2017-11910", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11910" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11910", "GHSA-735f-mx7h-46w8" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kua2-9yb8-gkgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13416?format=api", "vulnerability_id": "VCID-mczu-b3e6-5bgb", "summary": "Privilege Escalation\nA vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0649", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09543", "scoring_system": "epss", "scoring_elements": "0.92986", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0649" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/beba75a1aed0933cf3c76efb4dc67529dc035901", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/beba75a1aed0933cf3c76efb4dc67529dc035901" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5936", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5936" }, { "reference_url": "https://web.archive.org/web/20210125001406/https://www.securityfocus.com/bid/106877", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125001406/https://www.securityfocus.com/bid/106877" }, { "reference_url": "https://web.archive.org/web/20210125001406/https://www.securityfocus.com/bid/106877/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20210125001406/https://www.securityfocus.com/bid/106877/" }, { "reference_url": "http://www.securityfocus.com/bid/106877", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106877" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0649", "reference_id": "CVE-2019-0649", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0649" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649", "reference_id": "CVE-2019-0649", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649" }, { "reference_url": "https://github.com/advisories/GHSA-6c6r-39cv-x5fq", "reference_id": "GHSA-6c6r-39cv-x5fq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6c6r-39cv-x5fq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0649", "GHSA-6c6r-39cv-x5fq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mczu-b3e6-5bgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12783?format=api", "vulnerability_id": "VCID-me7g-49jk-63c2", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8279, CVE-2018-8301.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18649", "scoring_system": "epss", "scoring_elements": "0.95385", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8275" }, { "reference_url": "http://www.securityfocus.com/bid/104632", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104632" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8275", "reference_id": "CVE-2018-8275", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8275" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275", "reference_id": "CVE-2018-8275", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55054?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.0" } ], "aliases": [ "CVE-2018-8275" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-me7g-49jk-63c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12321?format=api", "vulnerability_id": "VCID-mksq-kg9m-uqdz", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16579", "scoring_system": "epss", "scoring_elements": "0.95026", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1022" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/28928cba24968ed11022608f466c4ccc3470e64d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/28928cba24968ed11022608f466c4ccc3470e64d" }, { "reference_url": "https://web.archive.org/web/20210124164250/http://www.securityfocus.com/bid/103978", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124164250/http://www.securityfocus.com/bid/103978" }, { "reference_url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844" }, { "reference_url": "http://www.securityfocus.com/bid/103978", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103978" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1022", "reference_id": "CVE-2018-1022", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1022" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022", "reference_id": "CVE-2018-1022", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022" }, { "reference_url": "https://github.com/advisories/GHSA-wjmf-6x7g-xq67", "reference_id": "GHSA-wjmf-6x7g-xq67", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wjmf-6x7g-xq67" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-1022", "GHSA-wjmf-6x7g-xq67" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mksq-kg9m-uqdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13613?format=api", "vulnerability_id": "VCID-mm2r-t2rz-7ygp", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0915" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0915", "reference_id": "CVE-2019-0915", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0915" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915", "reference_id": "CVE-2019-0915", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915" }, { "reference_url": "https://github.com/advisories/GHSA-fm9p-5m9f-rq85", "reference_id": "GHSA-fm9p-5m9f-rq85", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fm9p-5m9f-rq85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0915", "GHSA-fm9p-5m9f-rq85" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mm2r-t2rz-7ygp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13615?format=api", "vulnerability_id": "VCID-mmba-qzvj-37df", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0917" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b5f8fad1b00087bd0a24cc173c2dfedc4f8aee33", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b5f8fad1b00087bd0a24cc173c2dfedc4f8aee33" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0917", "reference_id": "CVE-2019-0917", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0917" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917", "reference_id": "CVE-2019-0917", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917" }, { "reference_url": "https://github.com/advisories/GHSA-rx34-jff5-ph35", "reference_id": "GHSA-rx34-jff5-ph35", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rx34-jff5-ph35" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0917", "GHSA-rx34-jff5-ph35" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmba-qzvj-37df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12319?format=api", "vulnerability_id": "VCID-mnd4-84rp-mbb4", "summary": "Access of Resource Using Incompatible Type ('Type Confusion')\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.62258", "scoring_system": "epss", "scoring_elements": "0.98382", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8133" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/1b56f9fedf078ce100d65e9e7661bf1cfdc63502", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/1b56f9fedf078ce100d65e9e7661bf1cfdc63502" }, { "reference_url": "https://web.archive.org/web/20210124164259/http://www.securityfocus.com/bid/103982", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124164259/http://www.securityfocus.com/bid/103982" }, { "reference_url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://www.exploit-db.com/exploits/44817", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44817" }, { "reference_url": "https://www.exploit-db.com/exploits/44817/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44817/" }, { "reference_url": "http://www.securityfocus.com/bid/103982", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103982" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1542", "reference_id": "CVE-2018-8133", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1542" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44817.js", "reference_id": "CVE-2018-8133", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44817.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8133", "reference_id": "CVE-2018-8133", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8133" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8133", "reference_id": "CVE-2018-8133", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8133" }, { "reference_url": "https://github.com/advisories/GHSA-8rqh-8726-83h7", "reference_id": "GHSA-8rqh-8726-83h7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8rqh-8726-83h7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-8133", "GHSA-8rqh-8726-83h7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnd4-84rp-mbb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11972?format=api", "vulnerability_id": "VCID-mpe4-db65-4qab", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73407", "scoring_system": "epss", "scoring_elements": "0.98823", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11918" }, { "reference_url": "https://www.exploit-db.com/exploits/43469/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43469/" }, { "reference_url": "http://www.securityfocus.com/bid/102089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102089" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1396", "reference_id": "CVE-2017-11918", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1396" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43469.js", "reference_id": "CVE-2017-11918", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43469.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11918", "reference_id": "CVE-2017-11918", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11918" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11918", "reference_id": "CVE-2017-11918", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11918" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11918" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mpe4-db65-4qab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12035?format=api", "vulnerability_id": "VCID-mqsb-hzpy-5ygv", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73993", "scoring_system": "epss", "scoring_elements": "0.98854", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0775" }, { "reference_url": "https://www.exploit-db.com/exploits/43717/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43717/" }, { "reference_url": "http://www.securityfocus.com/bid/102400", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102400" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1412", "reference_id": "CVE-2018-0775", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1412" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43717.js", "reference_id": "CVE-2018-0775", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43717.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0775", "reference_id": "CVE-2018-0775", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0775" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775", "reference_id": "CVE-2018-0775", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0775" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqsb-hzpy-5ygv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11789?format=api", "vulnerability_id": "VCID-ncbk-mcwh-3fa3", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Microsoft Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, and CVE-2017-11812.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11821", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11821" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/2a07ca62db5618f4c75fd7749a6b49c831957d84", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/2a07ca62db5618f4c75fd7749a6b49c831957d84" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/3917", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/3917" }, { "reference_url": "https://web.archive.org/web/20210124105815/http://www.securityfocus.com/bid/101123", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124105815/http://www.securityfocus.com/bid/101123" }, { "reference_url": "https://web.archive.org/web/20211208040741/http://www.securitytracker.com/id/1039529", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211208040741/http://www.securitytracker.com/id/1039529" }, { "reference_url": "http://www.securityfocus.com/bid/101123", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101123" }, { "reference_url": "http://www.securitytracker.com/id/1039529", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11821", "reference_id": "CVE-2017-11821", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11821" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11821", "reference_id": "CVE-2017-11821", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11821" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53399?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/53398?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.3" } ], "aliases": [ "CVE-2017-11821", "GHSA-rhwh-jw9h-4m49" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ncbk-mcwh-3fa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142940?format=api", "vulnerability_id": "VCID-nd4s-mcgx-s3bs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1092", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04748", "scoring_system": "epss", "scoring_elements": "0.896", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1092" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d4e767fb946128c135d77edda7a794561e1c1f06", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d4e767fb946128c135d77edda7a794561e1c1f06" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1092", "reference_id": "CVE-2019-1092", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1092" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092", "reference_id": "CVE-2019-1092", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092" }, { "reference_url": "https://github.com/advisories/GHSA-2x75-mf24-588m", "reference_id": "GHSA-2x75-mf24-588m", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2x75-mf24-588m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1092", "GHSA-2x75-mf24-588m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nd4s-mcgx-s3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12034?format=api", "vulnerability_id": "VCID-nh3m-s7fe-bqek", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73993", "scoring_system": "epss", "scoring_elements": "0.98854", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0774" }, { "reference_url": "https://www.exploit-db.com/exploits/43715/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43715/" }, { "reference_url": "http://www.securityfocus.com/bid/102399", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102399" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1411", "reference_id": "CVE-2018-0774", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1411" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43715.js", "reference_id": "CVE-2018-0774", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43715.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0774", "reference_id": "CVE-2018-0774", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0774" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0774", "reference_id": "CVE-2018-0774", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0774" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0774" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nh3m-s7fe-bqek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13516?format=api", "vulnerability_id": "VCID-njsb-3b47-77hk", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06805", "scoring_system": "epss", "scoring_elements": "0.91464", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0771" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0771", "reference_id": "CVE-2019-0771", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0771" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771", "reference_id": "CVE-2019-0771", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771" }, { "reference_url": "https://github.com/advisories/GHSA-fvpg-qx3g-7mp7", "reference_id": "GHSA-fvpg-qx3g-7mp7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fvpg-qx3g-7mp7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0771", "GHSA-fvpg-qx3g-7mp7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njsb-3b47-77hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142951?format=api", "vulnerability_id": "VCID-nn2u-snsx-83hq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04657", "scoring_system": "epss", "scoring_elements": "0.89483", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1103" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/efab3101028045cbfa0cc21bd852f75bcc037dba", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/efab3101028045cbfa0cc21bd852f75bcc037dba" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1103", "reference_id": "CVE-2019-1103", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1103" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103", "reference_id": "CVE-2019-1103", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103" }, { "reference_url": "https://github.com/advisories/GHSA-vmf5-924f-25f2", "reference_id": "GHSA-vmf5-924f-25f2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vmf5-924f-25f2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1103", "GHSA-vmf5-924f-25f2" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nn2u-snsx-83hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13505?format=api", "vulnerability_id": "VCID-nypa-dv6a-aydu", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06805", "scoring_system": "epss", "scoring_elements": "0.91464", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0773" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0773", "reference_id": "CVE-2019-0773", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0773" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773", "reference_id": "CVE-2019-0773", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773" }, { "reference_url": "https://github.com/advisories/GHSA-3w9q-c44j-37jj", "reference_id": "GHSA-3w9q-c44j-37jj", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3w9q-c44j-37jj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0773", "GHSA-3w9q-c44j-37jj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nypa-dv6a-aydu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12220?format=api", "vulnerability_id": "VCID-nyyv-c55j-pyea", "summary": "Out-of-bounds Write\nChakraCore and Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka \"Chakra Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76952", "scoring_system": "epss", "scoring_elements": "0.98982", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0933" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/6d5532d867202bc2e1b8b6b8c6f9c1c44a0f5ab8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/6d5532d867202bc2e1b8b6b8c6f9c1c44a0f5ab8" }, { "reference_url": "https://web.archive.org/web/20201021051922/http://www.securitytracker.com/id/1040507", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201021051922/http://www.securitytracker.com/id/1040507" }, { "reference_url": "https://web.archive.org/web/20210124144714/http://www.securityfocus.com/bid/103274", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124144714/http://www.securityfocus.com/bid/103274" }, { "reference_url": "https://www.exploit-db.com/exploits/44396", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44396" }, { "reference_url": "https://www.exploit-db.com/exploits/44396/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44396/" }, { "reference_url": "http://www.securityfocus.com/bid/103274", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103274" }, { "reference_url": "http://www.securitytracker.com/id/1040507", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040507" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0933", "reference_id": "CVE-2018-0933", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0933" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0933", "reference_id": "CVE-2018-0933", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0933" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1502&desc=2", "reference_id": "CVE-2018-0934;CVE-2018-0933", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1502&desc=2" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44396.js", "reference_id": "CVE-2018-0934;CVE-2018-0933", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44396.js" }, { "reference_url": "https://github.com/advisories/GHSA-3j65-2jcq-w9fr", "reference_id": "GHSA-3j65-2jcq-w9fr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3j65-2jcq-w9fr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54153?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.2" } ], "aliases": [ "CVE-2018-0933", "GHSA-3j65-2jcq-w9fr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nyyv-c55j-pyea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151081?format=api", "vulnerability_id": "VCID-pusx-pa1h-yyfu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05205", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0710" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/d89802674a591904c971f2d92b96b8f40839e7c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/6375/commits/d89802674a591904c971f2d92b96b8f40839e7c7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0710", "reference_id": "CVE-2020-0710", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0710" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710", "reference_id": "CVE-2020-0710", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213731?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.16" } ], "aliases": [ "CVE-2020-0710", "GHSA-67xp-4726-4978" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pusx-pa1h-yyfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13703?format=api", "vulnerability_id": "VCID-pxev-85t8-fug6", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nAn information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0990.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12446", "scoring_system": "epss", "scoring_elements": "0.94027", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1023" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1023", "reference_id": "CVE-2019-1023", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1023" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023", "reference_id": "CVE-2019-1023", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57205?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.10" } ], "aliases": [ "CVE-2019-1023" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxev-85t8-fug6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11780?format=api", "vulnerability_id": "VCID-pyt1-g2tu-eqb4", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Microsoft Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11805" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/a9ea5c9365a6c7957df2afb41f970da87066ec2a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/a9ea5c9365a6c7957df2afb41f970da87066ec2a" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/3917", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/3917" }, { "reference_url": "https://web.archive.org/web/20210125203400/http://www.securityfocus.com/bid/101132", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125203400/http://www.securityfocus.com/bid/101132" }, { "reference_url": "https://web.archive.org/web/20210723180751/http://www.securitytracker.com/id/1039529", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210723180751/http://www.securitytracker.com/id/1039529" }, { "reference_url": "http://www.securityfocus.com/bid/101132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101132" }, { "reference_url": "http://www.securitytracker.com/id/1039529", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11805", "reference_id": "CVE-2017-11805", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11805" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11805", "reference_id": "CVE-2017-11805", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11805" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53399?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/53398?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.3" } ], "aliases": [ "CVE-2017-11805", "GHSA-px6p-jxwr-27mc" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pyt1-g2tu-eqb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12317?format=api", "vulnerability_id": "VCID-qgsm-c5dq-bfb8", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22672", "scoring_system": "epss", "scoring_elements": "0.95959", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0945" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/87f33674726ca2e51e82f5fbed988d7b08406dfa", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/87f33674726ca2e51e82f5fbed988d7b08406dfa" }, { "reference_url": "https://web.archive.org/web/20210124164317/http://www.securityfocus.com/bid/103987", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124164317/http://www.securityfocus.com/bid/103987" }, { "reference_url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844" }, { "reference_url": "http://www.securityfocus.com/bid/103987", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103987" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0945", "reference_id": "CVE-2018-0945", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0945" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0945", "reference_id": "CVE-2018-0945", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0945" }, { "reference_url": "https://github.com/advisories/GHSA-5439-x5v5-2vhj", "reference_id": "GHSA-5439-x5v5-2vhj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5439-x5v5-2vhj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-0945", "GHSA-5439-x5v5-2vhj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgsm-c5dq-bfb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143134?format=api", "vulnerability_id": "VCID-qndq-e3vk-ybeu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03843", "scoring_system": "epss", "scoring_elements": "0.88382", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1300" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/95b3e3400afb8fa20743657f3a8057fb451e6f69", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/95b3e3400afb8fa20743657f3a8057fb451e6f69" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1300", "reference_id": "CVE-2019-1300", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1300" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1300", "reference_id": "CVE-2019-1300", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1300" }, { "reference_url": "https://github.com/advisories/GHSA-grvw-q343-58wh", "reference_id": "GHSA-grvw-q343-58wh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-grvw-q343-58wh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1300", "GHSA-grvw-q343-58wh" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qndq-e3vk-ybeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11970?format=api", "vulnerability_id": "VCID-qwbu-jvxv-bbej", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Windows, and Windows Server allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73407", "scoring_system": "epss", "scoring_elements": "0.98823", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11914" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/b488088279391deaaacfce4f0756caaefc284109", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/b488088279391deaaacfce4f0756caaefc284109" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122728/http://www.securityfocus.com/bid/102088", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122728/http://www.securityfocus.com/bid/102088" }, { "reference_url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://www.exploit-db.com/exploits/43713", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/43713" }, { "reference_url": "https://www.exploit-db.com/exploits/43713/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43713/" }, { "reference_url": "http://www.securityfocus.com/bid/102088", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102088" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1403", "reference_id": "CVE-2017-11914", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1403" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43713.js", "reference_id": "CVE-2017-11914", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43713.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11914", "reference_id": "CVE-2017-11914", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11914" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11914", "reference_id": "CVE-2017-11914", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11914" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11914", "GHSA-8r5c-8v97-g7vh" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwbu-jvxv-bbej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11787?format=api", "vulnerability_id": "VCID-qxax-card-uyfy", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26105", "scoring_system": "epss", "scoring_elements": "0.96377", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11801" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7b936e208e6a5f8dea84340760205d25c0efdf43", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7b936e208e6a5f8dea84340760205d25c0efdf43" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/3917", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/3917" }, { "reference_url": "https://web.archive.org/web/20210124110147/http://www.securityfocus.com/bid/101146", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124110147/http://www.securityfocus.com/bid/101146" }, { "reference_url": "http://www.securityfocus.com/bid/101146", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101146" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11801", "reference_id": "CVE-2017-11801", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11801" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11801", "reference_id": "CVE-2017-11801", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11801" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53398?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.3" } ], "aliases": [ "CVE-2017-11801", "GHSA-f8f9-q5hg-9c7q" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxax-card-uyfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143076?format=api", "vulnerability_id": "VCID-r16a-n5nn-nybp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04538", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1237" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/31f2588c7ba5b446bccf2769e9ecf4d444b73045", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/31f2588c7ba5b446bccf2769e9ecf4d444b73045" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/7e9a2ee60baa95ceb4f48f522f823c812ca90c80" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1237", "reference_id": "CVE-2019-1237", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1237" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1237", "reference_id": "CVE-2019-1237", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1237" }, { "reference_url": "https://github.com/advisories/GHSA-q99r-j969-6jwr", "reference_id": "GHSA-q99r-j969-6jwr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q99r-j969-6jwr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146718?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.13" } ], "aliases": [ "CVE-2019-1237", "GHSA-q99r-j969-6jwr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r16a-n5nn-nybp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13609?format=api", "vulnerability_id": "VCID-rffd-vnyj-puc3", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0922" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/a9ab1aae31078e80593b9227db11d316c2239ef3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/a9ab1aae31078e80593b9227db11d316c2239ef3" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0922", "reference_id": "CVE-2019-0922", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0922" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922", "reference_id": "CVE-2019-0922", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922" }, { "reference_url": "https://github.com/advisories/GHSA-hrmm-f4j8-8vxc", "reference_id": "GHSA-hrmm-f4j8-8vxc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hrmm-f4j8-8vxc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0922", "GHSA-hrmm-f4j8-8vxc" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rffd-vnyj-puc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13512?format=api", "vulnerability_id": "VCID-rkns-keya-cyfj", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06805", "scoring_system": "epss", "scoring_elements": "0.91464", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0769" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0769", "reference_id": "CVE-2019-0769", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0769" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769", "reference_id": "CVE-2019-0769", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769" }, { "reference_url": "https://github.com/advisories/GHSA-8qh8-cv77-h83g", "reference_id": "GHSA-8qh8-cv77-h83g", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8qh8-cv77-h83g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0769", "GHSA-8qh8-cv77-h83g" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkns-keya-cyfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13499?format=api", "vulnerability_id": "VCID-rnva-ys32-7kbu", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0611.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0592", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44847", "scoring_system": "epss", "scoring_elements": "0.97641", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0592" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0592", "reference_id": "CVE-2019-0592", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0592" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592", "reference_id": "CVE-2019-0592", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592" }, { "reference_url": "https://github.com/advisories/GHSA-fv38-4c3m-25v8", "reference_id": "GHSA-fv38-4c3m-25v8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fv38-4c3m-25v8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56739?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.7" } ], "aliases": [ "CVE-2019-0592", "GHSA-fv38-4c3m-25v8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rnva-ys32-7kbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143242?format=api", "vulnerability_id": "VCID-rxgn-xep7-fya7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06916", "scoring_system": "epss", "scoring_elements": "0.91539", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1428" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1428", "reference_id": "CVE-2019-1428", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1428" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428", "reference_id": "CVE-2019-1428", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/154849?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.15" } ], "aliases": [ "CVE-2019-1428" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rxgn-xep7-fya7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12029?format=api", "vulnerability_id": "VCID-ry6a-46j6-ybgk", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.74038", "scoring_system": "epss", "scoring_elements": "0.98857", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0758" }, { "reference_url": "https://www.exploit-db.com/exploits/43491/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43491/" }, { "reference_url": "http://www.securityfocus.com/bid/102405", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102405" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1380", "reference_id": "CVE-2018-0758", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1380" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43491.js", "reference_id": "CVE-2018-0758", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43491.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0758", "reference_id": "CVE-2018-0758", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0758" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0758", "reference_id": "CVE-2018-0758", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0758" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0758" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ry6a-46j6-ybgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12311?format=api", "vulnerability_id": "VCID-saxs-fd9n-cyem", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8139.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22672", "scoring_system": "epss", "scoring_elements": "0.95959", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8137" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/6e362fe94bc4bba7c8b8c6f819c1bee94c51893c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/6e362fe94bc4bba7c8b8c6f819c1bee94c51893c" }, { "reference_url": "https://web.archive.org/web/20210124164218/http://www.securityfocus.com/bid/103967", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124164218/http://www.securityfocus.com/bid/103967" }, { "reference_url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/http://www.securitytracker.com/id/1040844" }, { "reference_url": "http://www.securityfocus.com/bid/103967", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103967" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8137", "reference_id": "CVE-2018-8137", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8137" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8137", "reference_id": "CVE-2018-8137", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8137" }, { "reference_url": "https://github.com/advisories/GHSA-frh8-wrx9-gc53", "reference_id": "GHSA-frh8-wrx9-gc53", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-frh8-wrx9-gc53" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-8137", "GHSA-frh8-wrx9-gc53" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-saxs-fd9n-cyem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12273?format=api", "vulnerability_id": "VCID-shdw-sqhu-v3aa", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76997", "scoring_system": "epss", "scoring_elements": "0.98984", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0980" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/af07d28d486843bbd1fdefe742a9c090026b32ee", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/af07d28d486843bbd1fdefe742a9c090026b32ee" }, { "reference_url": "https://web.archive.org/web/20210124154606/http://www.securityfocus.com/bid/103626", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124154606/http://www.securityfocus.com/bid/103626" }, { "reference_url": "https://web.archive.org/web/20211207123630/http://www.securitytracker.com/id/1040650", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211207123630/http://www.securitytracker.com/id/1040650" }, { "reference_url": "https://www.exploit-db.com/exploits/44653", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44653" }, { "reference_url": "https://www.exploit-db.com/exploits/44653/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44653/" }, { "reference_url": "http://www.securityfocus.com/bid/103626", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103626" }, { "reference_url": "http://www.securitytracker.com/id/1040650", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040650" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1530", "reference_id": "CVE-2018-0980", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1530" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44653.js", "reference_id": "CVE-2018-0980", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44653.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0980", "reference_id": "CVE-2018-0980", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0980" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0980", "reference_id": "CVE-2018-0980", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0980" }, { "reference_url": "https://github.com/advisories/GHSA-xmvg-c4x3-9qwp", "reference_id": "GHSA-xmvg-c4x3-9qwp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xmvg-c4x3-9qwp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" } ], "aliases": [ "CVE-2018-0980", "GHSA-xmvg-c4x3-9qwp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-shdw-sqhu-v3aa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13423?format=api", "vulnerability_id": "VCID-sqfw-zhmk-mkbe", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0591" }, { "reference_url": "http://www.securityfocus.com/bid/106935", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106935" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0591", "reference_id": "CVE-2019-0591", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0591" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591", "reference_id": "CVE-2019-0591", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0591" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sqfw-zhmk-mkbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12018?format=api", "vulnerability_id": "VCID-st54-u8tz-33gs", "summary": "Out-of-bounds Write\nInternet Explorer in Microsoft Windows 7 SP1, Windows Server and R2 SP1, Windows and Windows RT, Windows Server and R2, and Internet Explorer and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.3205", "scoring_system": "epss", "scoring_elements": "0.96905", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0762" }, { "reference_url": "http://www.securityfocus.com/bid/102408", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102408" }, { "reference_url": "http://www.securitytracker.com/id/1040099", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040099" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0762", "reference_id": "CVE-2018-0762", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0762" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0762", "reference_id": "CVE-2018-0762", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0762" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0762" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-st54-u8tz-33gs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13522?format=api", "vulnerability_id": "VCID-t8bg-6rsw-ebf8", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0806" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/50d1e46aac450f236927b309854e77fce4acd49f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/50d1e46aac450f236927b309854e77fce4acd49f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0806", "reference_id": "CVE-2019-0806", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0806" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806", "reference_id": "CVE-2019-0806", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806" }, { "reference_url": "https://github.com/advisories/GHSA-hg36-rmmm-hc5r", "reference_id": "GHSA-hg36-rmmm-hc5r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hg36-rmmm-hc5r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0806", "GHSA-hg36-rmmm-hc5r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8bg-6rsw-ebf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13616?format=api", "vulnerability_id": "VCID-tnh1-zjdq-6qhd", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0933" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/1a550c67b33b27675c0553152cabd09e4ffe3abf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/1a550c67b33b27675c0553152cabd09e4ffe3abf" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0933", "reference_id": "CVE-2019-0933", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0933" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933", "reference_id": "CVE-2019-0933", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933" }, { "reference_url": "https://github.com/advisories/GHSA-5rq8-3wvf-wrfg", "reference_id": "GHSA-5rq8-3wvf-wrfg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5rq8-3wvf-wrfg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0933", "GHSA-5rq8-3wvf-wrfg" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tnh1-zjdq-6qhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143139?format=api", "vulnerability_id": "VCID-tnhg-2f5h-cfaa", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85905", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1307" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/3fe5e24694729966a157dc613f5586a6c75f1e9b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/3fe5e24694729966a157dc613f5586a6c75f1e9b" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/cc871514deeaeaedb5b757c2ca8cd4ab9abccb5d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/cc871514deeaeaedb5b757c2ca8cd4ab9abccb5d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1307", "reference_id": "CVE-2019-1307", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1307" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307", "reference_id": "CVE-2019-1307", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307" }, { "reference_url": "https://github.com/advisories/GHSA-6j89-jhpr-849f", "reference_id": "GHSA-6j89-jhpr-849f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6j89-jhpr-849f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146719?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.14" } ], "aliases": [ "CVE-2019-1307", "GHSA-6j89-jhpr-849f" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tnhg-2f5h-cfaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12032?format=api", "vulnerability_id": "VCID-tpdy-ttbh-5kh6", "summary": "Out-of-bounds Write\nMicrosoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0777", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77751", "scoring_system": "epss", "scoring_elements": "0.99018", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0777" }, { "reference_url": "https://www.exploit-db.com/exploits/43718/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43718/" }, { "reference_url": "http://www.securityfocus.com/bid/102402", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102402" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1429&desc=2", "reference_id": "CVE-2018-0777", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1429&desc=2" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43718.js", "reference_id": "CVE-2018-0777", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/43718.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0777", "reference_id": "CVE-2018-0777", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0777" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0777", "reference_id": "CVE-2018-0777", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0777" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0777" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tpdy-ttbh-5kh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13412?format=api", "vulnerability_id": "VCID-udcs-da57-q7hs", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0652", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0652" }, { "reference_url": "http://www.securityfocus.com/bid/106903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106903" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0652", "reference_id": "CVE-2019-0652", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0652" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652", "reference_id": "CVE-2019-0652", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0652" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-udcs-da57-q7hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12217?format=api", "vulnerability_id": "VCID-uwda-x8ud-b7ht", "summary": "Out-of-bounds Write\nChakraCore and Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka \"Chakra Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.85288", "scoring_system": "epss", "scoring_elements": "0.99375", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0934" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/6d0f5de1e0331fd6dd4f1ee0c0032430bcb131c3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/6d0f5de1e0331fd6dd4f1ee0c0032430bcb131c3" }, { "reference_url": "https://web.archive.org/web/20210125205549/http://www.securityfocus.com/bid/103275", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125205549/http://www.securityfocus.com/bid/103275" }, { "reference_url": "https://web.archive.org/web/20211026192005/http://www.securitytracker.com/id/1040507", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211026192005/http://www.securitytracker.com/id/1040507" }, { "reference_url": "https://www.exploit-db.com/exploits/44396", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44396" }, { "reference_url": "https://www.exploit-db.com/exploits/44396/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44396/" }, { "reference_url": "https://www.exploit-db.com/exploits/44397", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/44397" }, { "reference_url": "https://www.exploit-db.com/exploits/44397/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44397/" }, { "reference_url": "http://www.securityfocus.com/bid/103275", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103275" }, { "reference_url": "http://www.securitytracker.com/id/1040507", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040507" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1503", "reference_id": "CVE-2018-0934", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1503" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44397.js", "reference_id": "CVE-2018-0934", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44397.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0934", "reference_id": "CVE-2018-0934", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0934" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0934", "reference_id": "CVE-2018-0934", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0934" }, { "reference_url": "https://github.com/advisories/GHSA-phcc-frh9-q545", "reference_id": "GHSA-phcc-frh9-q545", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-phcc-frh9-q545" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54153?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.2" } ], "aliases": [ "CVE-2018-0934", "GHSA-phcc-frh9-q545" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwda-x8ud-b7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12315?format=api", "vulnerability_id": "VCID-v4er-vyja-qffa", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \"Microsoft Browser Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer, Microsoft Edge.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20394", "scoring_system": "epss", "scoring_elements": "0.95643", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8178" }, { "reference_url": "http://www.securityfocus.com/bid/104076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104076" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8178", "reference_id": "CVE-2018-8178", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8178" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8178", "reference_id": "CVE-2018-8178", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8178" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" } ], "aliases": [ "CVE-2018-8178" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v4er-vyja-qffa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11975?format=api", "vulnerability_id": "VCID-v7k3-6juv-47gr", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11889", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11889" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/66b9abb148705d2a36062931cd5a8466a588e6e4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/66b9abb148705d2a36062931cd5a8466a588e6e4" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122658/http://www.securityfocus.com/bid/102080", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122658/http://www.securityfocus.com/bid/102080" }, { "reference_url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210829201729/http://www.securitytracker.com/id/1039990" }, { "reference_url": "http://www.securityfocus.com/bid/102080", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102080" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11889", "reference_id": "CVE-2017-11889", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11889" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11889", "reference_id": "CVE-2017-11889", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11889" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11889", "GHSA-xw5f-g937-wgm2" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v7k3-6juv-47gr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12788?format=api", "vulnerability_id": "VCID-vk99-umu1-2bag", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8288", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76284", "scoring_system": "epss", "scoring_elements": "0.98953", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8288" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/f9b1cded66314c52ab2de8e4e68efb854bd6b9aa", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/f9b1cded66314c52ab2de8e4e68efb854bd6b9aa" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5444", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5444" }, { "reference_url": "https://web.archive.org/web/20210124183729/http://www.securityfocus.com/bid/104636", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124183729/http://www.securityfocus.com/bid/104636" }, { "reference_url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202002348/http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://web.archive.org/web/20220120050525/http://www.securitytracker.com/id/1041258", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220120050525/http://www.securitytracker.com/id/1041258" }, { "reference_url": "https://www.exploit-db.com/exploits/45213", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/45213" }, { "reference_url": "https://www.exploit-db.com/exploits/45213/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45213/" }, { "reference_url": "http://www.securityfocus.com/bid/104636", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104636" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "http://www.securitytracker.com/id/1041258", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041258" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1565", "reference_id": "CVE-2018-8288", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1565" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45213.js", "reference_id": "CVE-2018-8288", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45213.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8288", "reference_id": "CVE-2018-8288", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8288" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288", "reference_id": "CVE-2018-8288", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288" }, { "reference_url": "https://github.com/advisories/GHSA-4f79-fxh8-vgq2", "reference_id": "GHSA-4f79-fxh8-vgq2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4f79-fxh8-vgq2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" } ], "aliases": [ "CVE-2018-8288", "GHSA-4f79-fxh8-vgq2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vk99-umu1-2bag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13422?format=api", "vulnerability_id": "VCID-vser-kewx-akh4", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0644", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0644" }, { "reference_url": "http://www.securityfocus.com/bid/106889", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106889" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0644", "reference_id": "CVE-2019-0644", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0644" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644", "reference_id": "CVE-2019-0644", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0644" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vser-kewx-akh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11777?format=api", "vulnerability_id": "VCID-vx2e-zgfx-dkau", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Microsoft Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.78672", "scoring_system": "epss", "scoring_elements": "0.99067", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11799" }, { "reference_url": "https://www.exploit-db.com/exploits/42998/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42998/" }, { "reference_url": "http://www.securityfocus.com/bid/101126", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101126" }, { "reference_url": "http://www.securitytracker.com/id/1039529", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039529" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1333", "reference_id": "CVE-2017-11799", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1333" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/42998.js", "reference_id": "CVE-2017-11799", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/42998.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11799", "reference_id": "CVE-2017-11799", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11799" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11799", "reference_id": "CVE-2017-11799", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11799" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53399?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.2" } ], "aliases": [ "CVE-2017-11799" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vx2e-zgfx-dkau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142955?format=api", "vulnerability_id": "VCID-vxjj-cqyk-w3hd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04657", "scoring_system": "epss", "scoring_elements": "0.89483", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1107" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/214dec9461f9acb9a4b9004368d2a81e0c125652", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/214dec9461f9acb9a4b9004368d2a81e0c125652" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/75162b7f2d8ac2b37d17564e9c979ba1bae707e8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1107", "reference_id": "CVE-2019-1107", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1107" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107", "reference_id": "CVE-2019-1107", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107" }, { "reference_url": "https://github.com/advisories/GHSA-5rcr-q3rx-j7vr", "reference_id": "GHSA-5rcr-q3rx-j7vr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5rcr-q3rx-j7vr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1107", "GHSA-5rcr-q3rx-j7vr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxjj-cqyk-w3hd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13419?format=api", "vulnerability_id": "VCID-w2kf-rnn3-huc8", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1067", "scoring_system": "epss", "scoring_elements": "0.93432", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0605" }, { "reference_url": "http://www.securityfocus.com/bid/106905", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106905" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0605", "reference_id": "CVE-2019-0605", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0605" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605", "reference_id": "CVE-2019-0605", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56533?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.6" } ], "aliases": [ "CVE-2019-0605" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w2kf-rnn3-huc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11976?format=api", "vulnerability_id": "VCID-wevg-rszb-9ufb", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server and R2 SP1, Windows and Windows RT, Windows Server and R2, and Internet Explorer and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.3205", "scoring_system": "epss", "scoring_elements": "0.96905", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11912" }, { "reference_url": "http://www.securityfocus.com/bid/102092", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102092" }, { "reference_url": "http://www.securitytracker.com/id/1039990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039990" }, { "reference_url": "http://www.securitytracker.com/id/1039991", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039991" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11912", "reference_id": "CVE-2017-11912", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11912" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11912", "reference_id": "CVE-2017-11912", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11912" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11912" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wevg-rszb-9ufb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12310?format=api", "vulnerability_id": "VCID-wjjc-1wyd-87fp", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8137, CVE-2018-8139.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22672", "scoring_system": "epss", "scoring_elements": "0.95959", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8128" }, { "reference_url": "http://www.securityfocus.com/bid/103979", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103979" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8128", "reference_id": "CVE-2018-8128", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8128" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8128", "reference_id": "CVE-2018-8128", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8128" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" } ], "aliases": [ "CVE-2018-8128" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wjjc-1wyd-87fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13605?format=api", "vulnerability_id": "VCID-x6wa-636e-zugv", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0914" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0914", "reference_id": "CVE-2019-0914", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0914" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914", "reference_id": "CVE-2019-0914", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914" }, { "reference_url": "https://github.com/advisories/GHSA-h6wf-hvwc-fm77", "reference_id": "GHSA-h6wf-hvwc-fm77", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h6wf-hvwc-fm77" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0914", "GHSA-h6wf-hvwc-fm77" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6wa-636e-zugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12943?format=api", "vulnerability_id": "VCID-xcd3-cznv-xuc8", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8457.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27304", "scoring_system": "epss", "scoring_elements": "0.96492", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8459" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/e035a2db081cd4f385732e3ac5665ef087954825", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/e035a2db081cd4f385732e3ac5665ef087954825" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/5688", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/5688" }, { "reference_url": "https://web.archive.org/web/20210418104557/http://www.securityfocus.com/bid/105230", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210418104557/http://www.securityfocus.com/bid/105230" }, { "reference_url": "https://web.archive.org/web/20210517133345/http://www.securitytracker.com/id/1041623", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210517133345/http://www.securitytracker.com/id/1041623" }, { "reference_url": "http://www.securityfocus.com/bid/105230", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/105230" }, { "reference_url": "http://www.securitytracker.com/id/1041623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041623" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8459", "reference_id": "CVE-2018-8459", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8459" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8459", "reference_id": "CVE-2018-8459", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8459" }, { "reference_url": "https://github.com/advisories/GHSA-pcgp-vfgq-mf5j", "reference_id": "GHSA-pcgp-vfgq-mf5j", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pcgp-vfgq-mf5j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55055?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/76913?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.1" } ], "aliases": [ "CVE-2018-8459", "GHSA-pcgp-vfgq-mf5j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xcd3-cznv-xuc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12031?format=api", "vulnerability_id": "VCID-xk96-csb5-syac", "summary": "Out-of-bounds Write\nInternet Explorer in Microsoft Windows 7 SP1, Windows Server and R2 SP1, Windows and Windows RT, Windows Server and R2, and Internet Explorer and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0773, CVE-2018-0774, CVE-2018-0775, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.3205", "scoring_system": "epss", "scoring_elements": "0.96905", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0772" }, { "reference_url": "http://www.securityfocus.com/bid/102409", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102409" }, { "reference_url": "http://www.securitytracker.com/id/1040099", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040099" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0772", "reference_id": "CVE-2018-0772", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0772" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0772", "reference_id": "CVE-2018-0772", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0772" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0772" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xk96-csb5-syac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13611?format=api", "vulnerability_id": "VCID-xkm6-uy8d-x3cq", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0916" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d85b5025b047f10784c53c6c1dd771775d417f5f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0916", "reference_id": "CVE-2019-0916", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0916" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916", "reference_id": "CVE-2019-0916", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916" }, { "reference_url": "https://github.com/advisories/GHSA-7423-5qfm-g648", "reference_id": "GHSA-7423-5qfm-g648", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7423-5qfm-g648" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0916", "GHSA-7423-5qfm-g648" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xkm6-uy8d-x3cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11967?format=api", "vulnerability_id": "VCID-y3z3-emkf-bug3", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11918, and CVE-2017-11930.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2394", "scoring_system": "epss", "scoring_elements": "0.96123", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11916" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/69e03c35543d2bf3befce6885d78cd751bf5db10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/69e03c35543d2bf3befce6885d78cd751bf5db10" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/4411", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/4411" }, { "reference_url": "https://web.archive.org/web/20210124122737/http://www.securityfocus.com/bid/102090", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124122737/http://www.securityfocus.com/bid/102090" }, { "reference_url": "http://www.securityfocus.com/bid/102090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102090" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11916", "reference_id": "CVE-2017-11916", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11916" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11916", "reference_id": "CVE-2017-11916", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11916" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11916", "GHSA-5f5r-65pm-r3wr" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3z3-emkf-bug3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13606?format=api", "vulnerability_id": "VCID-yabf-1cc1-v7dk", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07977", "scoring_system": "epss", "scoring_elements": "0.92207", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0912" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/936a5af1c07e0fdec9aab85c05339dabe4aaeeb1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/936a5af1c07e0fdec9aab85c05339dabe4aaeeb1" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d797e3f00e34c12c8c0ae52f56344325439dccd7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0912", "reference_id": "CVE-2019-0912", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0912" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912", "reference_id": "CVE-2019-0912", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912" }, { "reference_url": "https://github.com/advisories/GHSA-w89r-qch4-8jv5", "reference_id": "GHSA-w89r-qch4-8jv5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w89r-qch4-8jv5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57008?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.9" } ], "aliases": [ "CVE-2019-0912", "GHSA-w89r-qch4-8jv5" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yabf-1cc1-v7dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12320?format=api", "vulnerability_id": "VCID-yc6q-h53h-9khy", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8130, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.284", "scoring_system": "epss", "scoring_elements": "0.96593", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0943" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/32ee5de20ce5b5c9332044039fea07616d76469d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/32ee5de20ce5b5c9332044039fea07616d76469d" }, { "reference_url": "https://web.archive.org/web/20210419155416/https://www.securityfocus.com/bid/103980", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210419155416/https://www.securityfocus.com/bid/103980" }, { "reference_url": "https://web.archive.org/web/20211204185256/https://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211204185256/https://www.securitytracker.com/id/1040844" }, { "reference_url": "http://www.securityfocus.com/bid/103980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103980" }, { "reference_url": "http://www.securitytracker.com/id/1040844", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0943", "reference_id": "CVE-2018-0943", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0943" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0943", "reference_id": "CVE-2018-0943", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0943" }, { "reference_url": "https://github.com/advisories/GHSA-7724-427r-8rvm", "reference_id": "GHSA-7724-427r-8rvm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7724-427r-8rvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54338?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" } ], "aliases": [ "CVE-2018-0943", "GHSA-7724-427r-8rvm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yc6q-h53h-9khy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12027?format=api", "vulnerability_id": "VCID-z2u9-jd5w-rkb5", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nMicrosoft Edge in Microsoft Windows allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23543", "scoring_system": "epss", "scoring_elements": "0.96072", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-0800" }, { "reference_url": "http://www.securityfocus.com/bid/102392", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102392" }, { "reference_url": "http://www.securitytracker.com/id/1040100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0800", "reference_id": "CVE-2018-0800", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0800" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0800", "reference_id": "CVE-2018-0800", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0800" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53773?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.6" } ], "aliases": [ "CVE-2018-0800" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2u9-jd5w-rkb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/142856?format=api", "vulnerability_id": "VCID-z6hg-axpc-1qht", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04059", "scoring_system": "epss", "scoring_elements": "0.88721", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-1001" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1001", "reference_id": "CVE-2019-1001", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1001" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001", "reference_id": "CVE-2019-1001", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142050?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.11" } ], "aliases": [ "CVE-2019-1001" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6hg-axpc-1qht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12699?format=api", "vulnerability_id": "VCID-z6nc-29bh-77h9", "summary": "Access of Resource Using Incompatible Type ('Type Confusion')\nA remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.79916", "scoring_system": "epss", "scoring_elements": "0.9913", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8229" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/9b270c55bfea2fbefc9482d3414c4b4b395cad10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/9b270c55bfea2fbefc9482d3414c4b4b395cad10" }, { "reference_url": "https://web.archive.org/web/20210124174715/http://www.securityfocus.com/bid/104369", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210124174715/http://www.securityfocus.com/bid/104369" }, { "reference_url": "https://web.archive.org/web/20210927135934/http://www.securitytracker.com/id/1041097", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210927135934/http://www.securitytracker.com/id/1041097" }, { "reference_url": "https://www.exploit-db.com/exploits/45013", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/45013" }, { "reference_url": "https://www.exploit-db.com/exploits/45013/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45013/" }, { "reference_url": "http://www.securityfocus.com/bid/104369", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104369" }, { "reference_url": "http://www.securitytracker.com/id/1041097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041097" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1560", "reference_id": "CVE-2018-8229", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1560" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45013.js", "reference_id": "CVE-2018-8229", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45013.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8229", "reference_id": "CVE-2018-8229", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8229" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229", "reference_id": "CVE-2018-8229", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229" }, { "reference_url": "https://github.com/advisories/GHSA-jv5x-p843-g4qr", "reference_id": "GHSA-jv5x-p843-g4qr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jv5x-p843-g4qr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54401?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/76912?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.8.5" } ], "aliases": [ "CVE-2018-8229", "GHSA-jv5x-p843-g4qr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6nc-29bh-77h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11965?format=api", "vulnerability_id": "VCID-z8aj-6xyd-fkfq", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server R2 SP1, Windows and Windows RT, Windows Server R2, and Windows Gold, Windows Server, and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-11887 and CVE-2017-11906.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25571", "scoring_system": "epss", "scoring_elements": "0.96327", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11919" }, { "reference_url": "http://www.securityfocus.com/bid/102093", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/102093" }, { "reference_url": "http://www.securitytracker.com/id/1039993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039993" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11919", "reference_id": "CVE-2017-11919", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11919" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11919", "reference_id": "CVE-2017-11919", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11919" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53730?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.5" } ], "aliases": [ "CVE-2017-11919" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z8aj-6xyd-fkfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13517?format=api", "vulnerability_id": "VCID-zptc-hpne-x7at", "summary": "Out-of-bounds Write\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10453", "scoring_system": "epss", "scoring_elements": "0.93356", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0739" }, { "reference_url": "http://www.securityfocus.com/bid/107708", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107708" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0739", "reference_id": "CVE-2019-0739", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0739" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739", "reference_id": "CVE-2019-0739", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56747?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.11.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.11.8" } ], "aliases": [ "CVE-2019-0739" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zptc-hpne-x7at" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12781?format=api", "vulnerability_id": "VCID-zqb9-5v29-xbc6", "summary": "Access of Resource Using Incompatible Type ('Type Confusion')\nA remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8279", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.80263", "scoring_system": "epss", "scoring_elements": "0.99143", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8279" }, { "reference_url": "https://www.exploit-db.com/exploits/45214/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45214/" }, { "reference_url": "http://www.securityfocus.com/bid/104641", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104641" }, { "reference_url": "http://www.securitytracker.com/id/1041256", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041256" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1570", "reference_id": "CVE-2018-8279", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1570" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45214.js", "reference_id": "CVE-2018-8279", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/45214.js" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8279", "reference_id": "CVE-2018-8279", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8279" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279", "reference_id": "CVE-2018-8279", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55054?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-zptc-hpne-x7at" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.10.0" } ], "aliases": [ "CVE-2018-8279" ], "risk_score": 1.4, "exploitability": "2.0", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqb9-5v29-xbc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11783?format=api", "vulnerability_id": "VCID-ztbp-3phk-zkeg", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nChakraCore and Microsoft Edge in Microsoft Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11808", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24372", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11808" }, { "reference_url": "http://www.securityfocus.com/bid/101135", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101135" }, { "reference_url": "http://www.securitytracker.com/id/1039529", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039529" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11808", "reference_id": "CVE-2017-11808", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11808" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11808", "reference_id": "CVE-2017-11808", "reference_type": "", "scores": [], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11808" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53399?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.7.2" } ], "aliases": [ "CVE-2017-11808" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztbp-3phk-zkeg" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16300?format=api", "vulnerability_id": "VCID-22sn-vwcj-j7a2", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3269.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3265", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20114", "scoring_system": "epss", "scoring_elements": "0.95592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3265" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/17f3d4a4852dcc9e48de7091685b1862afb9f307", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/17f3d4a4852dcc9e48de7091685b1862afb9f307" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/1291", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/1291" }, { "reference_url": "https://web.archive.org/web/20210121005807/http://www.securitytracker.com/id/1036286", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210121005807/http://www.securitytracker.com/id/1036286" }, { "reference_url": "https://web.archive.org/web/20210125172651/http://www.securityfocus.com/bid/91573", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125172651/http://www.securityfocus.com/bid/91573" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3265", "reference_id": "CVE-2016-3265", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3265" }, { "reference_url": "https://github.com/advisories/GHSA-f2pg-gcxp-gr2c", "reference_id": "GHSA-f2pg-gcxp-gr2c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-f2pg-gcxp-gr2c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-3265", "GHSA-f2pg-gcxp-gr2c" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22sn-vwcj-j7a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16510?format=api", "vulnerability_id": "VCID-5ek4-am5x-fqfq", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3260", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20359", "scoring_system": "epss", "scoring_elements": "0.95638", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3260" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/17f3d4a4852dcc9e48de7091685b1862afb9f307", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/17f3d4a4852dcc9e48de7091685b1862afb9f307" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/1291", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/1291" }, { "reference_url": "https://web.archive.org/web/20210123150650/http://www.securityfocus.com/bid/91580", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123150650/http://www.securityfocus.com/bid/91580" }, { "reference_url": "https://web.archive.org/web/20211202003833/http://www.securitytracker.com/id/1036283", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202003833/http://www.securitytracker.com/id/1036283" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3260", "reference_id": "CVE-2016-3260", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3260" }, { "reference_url": "https://github.com/advisories/GHSA-h6g3-73h7-chxp", "reference_id": "GHSA-h6g3-73h7-chxp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-h6g3-73h7-chxp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-3260", "GHSA-h6g3-73h7-chxp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ek4-am5x-fqfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16456?format=api", "vulnerability_id": "VCID-dd4f-ze16-nudp", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0191 and CVE-2016-0193.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21761", "scoring_system": "epss", "scoring_elements": "0.95843", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0186" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d21529b131d831fc4470139bfc90d80ae7481fa2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d21529b131d831fc4470139bfc90d80ae7481fa2" }, { "reference_url": "https://web.archive.org/web/20201024061334/http://www.securitytracker.com/id/1035821", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201024061334/http://www.securitytracker.com/id/1035821" }, { "reference_url": "https://web.archive.org/web/20210123133438/http://www.securityfocus.com/bid/90008", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123133438/http://www.securityfocus.com/bid/90008" }, { "reference_url": "http://www.zerodayinitiative.com/advisories/ZDI-16-338", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-338" }, { "reference_url": "http://www.zerodayinitiative.com/advisories/ZDI-16-355", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-355" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0186", "reference_id": "CVE-2016-0186", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0186" }, { "reference_url": "https://github.com/advisories/GHSA-fjj8-gv4j-953p", "reference_id": "GHSA-fjj8-gv4j-953p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fjj8-gv4j-953p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-0186", "GHSA-fjj8-gv4j-953p" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dd4f-ze16-nudp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16404?format=api", "vulnerability_id": "VCID-gdn2-6tud-2yad", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3214.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3199", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19183", "scoring_system": "epss", "scoring_elements": "0.95467", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3199" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/bcd950efee487bdfd73cd1282de4e02e82e62629", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/bcd950efee487bdfd73cd1282de4e02e82e62629" }, { "reference_url": "https://web.archive.org/web/20211129115034/http://www.securitytracker.com/id/1036099", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211129115034/http://www.securitytracker.com/id/1036099" }, { "reference_url": "http://www.zerodayinitiative.com/advisories/ZDI-16-367", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-367" }, { "reference_url": "http://www.zerodayinitiative.com/advisories/ZDI-16-368", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-368" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3199", "reference_id": "CVE-2016-3199", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3199" }, { "reference_url": "https://github.com/advisories/GHSA-vfjw-crcq-q92v", "reference_id": "GHSA-vfjw-crcq-q92v", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vfjw-crcq-q92v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-3199", "GHSA-vfjw-crcq-q92v" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gdn2-6tud-2yad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16461?format=api", "vulnerability_id": "VCID-mku1-q3m1-t3ct", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3248.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3259", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1814", "scoring_system": "epss", "scoring_elements": "0.95301", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3259" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/17f3d4a4852dcc9e48de7091685b1862afb9f307", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/17f3d4a4852dcc9e48de7091685b1862afb9f307" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/1291", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/1291" }, { "reference_url": "https://web.archive.org/web/20210125172712/http://www.securityfocus.com/bid/91581", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125172712/http://www.securityfocus.com/bid/91581" }, { "reference_url": "https://web.archive.org/web/20211202003833/http://www.securitytracker.com/id/1036283", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202003833/http://www.securitytracker.com/id/1036283" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3259", "reference_id": "CVE-2016-3259", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3259" }, { "reference_url": "https://github.com/advisories/GHSA-wm27-49x2-mg9q", "reference_id": "GHSA-wm27-49x2-mg9q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wm27-49x2-mg9q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-3259", "GHSA-wm27-49x2-mg9q" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mku1-q3m1-t3ct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16301?format=api", "vulnerability_id": "VCID-phvh-ynuc-fygf", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3265.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3269", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17936", "scoring_system": "epss", "scoring_elements": "0.95266", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3269" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/17f3d4a4852dcc9e48de7091685b1862afb9f307", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/17f3d4a4852dcc9e48de7091685b1862afb9f307" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/pull/1291", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/pull/1291" }, { "reference_url": "https://web.archive.org/web/20210121005807/http://www.securitytracker.com/id/1036286", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210121005807/http://www.securitytracker.com/id/1036286" }, { "reference_url": "https://web.archive.org/web/20210123150757/http://www.securityfocus.com/bid/91595", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123150757/http://www.securityfocus.com/bid/91595" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3269", "reference_id": "CVE-2016-3269", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3269" }, { "reference_url": "https://github.com/advisories/GHSA-8g43-4g4j-g9r5", "reference_id": "GHSA-8g43-4g4j-g9r5", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8g43-4g4j-g9r5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-3269", "GHSA-8g43-4g4j-g9r5" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phvh-ynuc-fygf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16414?format=api", "vulnerability_id": "VCID-renb-zau4-67ev", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka \"Scripting Engine Memory Corruption Vulnerability.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.32396", "scoring_system": "epss", "scoring_elements": "0.96929", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0024" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-002" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://web.archive.org/web/20210508011246/http://www.securityfocus.com/bid/79891", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210508011246/http://www.securityfocus.com/bid/79891" }, { "reference_url": "https://web.archive.org/web/20211024030653/http://www.securitytracker.com/id/1034649", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211024030653/http://www.securitytracker.com/id/1034649" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0024", "reference_id": "CVE-2016-0024", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0024" }, { "reference_url": "https://github.com/advisories/GHSA-g77f-7wm9-rh6p", "reference_id": "GHSA-g77f-7wm9-rh6p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g77f-7wm9-rh6p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-0024", "GHSA-g77f-7wm9-rh6p" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-renb-zau4-67ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16356?format=api", "vulnerability_id": "VCID-vaz1-uz8b-4ubx", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0186 and CVE-2016-0191.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0193", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18329", "scoring_system": "epss", "scoring_elements": "0.95335", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0193" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/a1fbb4f1da86a9429c7c22aa11888f7b67a232e3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/a1fbb4f1da86a9429c7c22aa11888f7b67a232e3" }, { "reference_url": "https://web.archive.org/web/20200228012149/http://www.securityfocus.com/bid/90009", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228012149/http://www.securityfocus.com/bid/90009" }, { "reference_url": "https://web.archive.org/web/20201024061334/http://www.securitytracker.com/id/1035821", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201024061334/http://www.securitytracker.com/id/1035821" }, { "reference_url": "http://www.zerodayinitiative.com/advisories/ZDI-16-283", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-283" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0193", "reference_id": "CVE-2016-0193", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0193" }, { "reference_url": "https://github.com/advisories/GHSA-985m-xqv8-rh79", "reference_id": "GHSA-985m-xqv8-rh79", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-985m-xqv8-rh79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-0193", "GHSA-985m-xqv8-rh79" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vaz1-uz8b-4ubx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16476?format=api", "vulnerability_id": "VCID-vb2p-1rbx-uffw", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0186 and CVE-2016-0193.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18329", "scoring_system": "epss", "scoring_elements": "0.95335", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0191" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/d21529b131d831fc4470139bfc90d80ae7481fa2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/d21529b131d831fc4470139bfc90d80ae7481fa2" }, { "reference_url": "https://web.archive.org/web/20201024061334/http://www.securitytracker.com/id/1035821", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201024061334/http://www.securitytracker.com/id/1035821" }, { "reference_url": "https://web.archive.org/web/20210123133443/http://www.securityfocus.com/bid/90010", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210123133443/http://www.securityfocus.com/bid/90010" }, { "reference_url": "http://www.zerodayinitiative.com/advisories/ZDI-16-282", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-282" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0191", "reference_id": "CVE-2016-0191", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0191" }, { "reference_url": "https://github.com/advisories/GHSA-j69r-w67w-gf35", "reference_id": "GHSA-j69r-w67w-gf35", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j69r-w67w-gf35" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-0191", "GHSA-j69r-w67w-gf35" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vb2p-1rbx-uffw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16336?format=api", "vulnerability_id": "VCID-vjex-5ekx-pyc7", "summary": "Improper Input Validation\nThe Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3202", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14916", "scoring_system": "epss", "scoring_elements": "0.94659", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3202" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/commit/ff9067ebe9e1c92eff4e25da95070bfd5942da07", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/commit/ff9067ebe9e1c92eff4e25da95070bfd5942da07" }, { "reference_url": "https://web.archive.org/web/20211129115034/http://www.securitytracker.com/id/1036099", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211129115034/http://www.securitytracker.com/id/1036099" }, { "reference_url": "https://web.archive.org/web/20211208124350/http://www.securitytracker.com/id/1036096", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211208124350/http://www.securitytracker.com/id/1036096" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3202", "reference_id": "CVE-2016-3202", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3202" }, { "reference_url": "https://github.com/advisories/GHSA-ww6f-76ff-phhj", "reference_id": "GHSA-ww6f-76ff-phhj", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-ww6f-76ff-phhj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-3202", "GHSA-ww6f-76ff-phhj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vjex-5ekx-pyc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16329?format=api", "vulnerability_id": "VCID-x298-tj5u-j3de", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3259.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3248", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20359", "scoring_system": "epss", "scoring_elements": "0.95638", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3248" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085" }, { "reference_url": "https://github.com/chakra-core/ChakraCore", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore" }, { "reference_url": "https://github.com/chakra-core/ChakraCore/wiki/Roadmap", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/chakra-core/ChakraCore/wiki/Roadmap" }, { "reference_url": "https://web.archive.org/web/20210125172707/http://www.securityfocus.com/bid/91578", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210125172707/http://www.securityfocus.com/bid/91578" }, { "reference_url": "https://web.archive.org/web/20211202003833/http://www.securitytracker.com/id/1036283", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211202003833/http://www.securitytracker.com/id/1036283" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3248", "reference_id": "CVE-2016-3248", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3248" }, { "reference_url": "https://github.com/advisories/GHSA-q6mv-8vh9-4ggj", "reference_id": "GHSA-q6mv-8vh9-4ggj", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-q6mv-8vh9-4ggj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61792?format=api", "purl": "pkg:nuget/Microsoft.ChakraCore@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18bt-p9bu-7kcg" }, { "vulnerability": "VCID-18cy-ef2d-sfgs" }, { "vulnerability": "VCID-193r-rk9b-73a7" }, { "vulnerability": "VCID-19s3-6hk5-zydp" }, { "vulnerability": "VCID-1d4d-6ycn-kfbg" }, { "vulnerability": "VCID-1fvy-afaq-7ffz" }, { "vulnerability": "VCID-1hm4-8j3z-gbe8" }, { "vulnerability": "VCID-1mqn-qxsq-gfb5" }, { "vulnerability": "VCID-1txb-sjay-ukfb" }, { "vulnerability": "VCID-1xh6-cjvx-4bej" }, { "vulnerability": "VCID-1xjh-99vu-vyf6" }, { "vulnerability": "VCID-27q5-85wq-ayhx" }, { "vulnerability": "VCID-2jw8-vq79-3yc4" }, { "vulnerability": "VCID-2ry8-tv1k-pyb3" }, { "vulnerability": "VCID-2x6n-tg25-wkc4" }, { "vulnerability": "VCID-3r3s-nrc8-sbe6" }, { "vulnerability": "VCID-431z-8875-d7fr" }, { "vulnerability": "VCID-46f5-3qcs-ckcw" }, { "vulnerability": "VCID-4jw5-n3pz-zuhf" }, { "vulnerability": "VCID-4kr2-wf77-nug4" }, { "vulnerability": "VCID-4n9b-ptn2-3ugd" }, { "vulnerability": "VCID-4rr8-ter6-7yaw" }, { "vulnerability": "VCID-523x-9n5w-rqc2" }, { "vulnerability": "VCID-532u-w1p6-rycx" }, { "vulnerability": "VCID-54xz-xw4u-xqh9" }, { "vulnerability": "VCID-558y-9j3b-fyd3" }, { "vulnerability": "VCID-5s8e-w8mp-xydh" }, { "vulnerability": "VCID-63zg-je8v-2yh6" }, { "vulnerability": "VCID-66rk-gaz2-x7et" }, { "vulnerability": "VCID-6yew-52pk-nfe9" }, { "vulnerability": "VCID-6zfw-kag6-sfhq" }, { "vulnerability": "VCID-7sqx-g2jn-9yds" }, { "vulnerability": "VCID-7trr-1jwb-zufw" }, { "vulnerability": "VCID-7z5t-cth2-ybe1" }, { "vulnerability": "VCID-8jd7-9g2p-xqec" }, { "vulnerability": "VCID-8jqz-9eaj-mfaj" }, { "vulnerability": "VCID-8swk-fket-wkes" }, { "vulnerability": "VCID-99dg-rm43-9qef" }, { "vulnerability": "VCID-9u2d-1vj5-sfbf" }, { "vulnerability": "VCID-9v8t-kbf9-yye5" }, { "vulnerability": "VCID-ahe3-4w9p-xfba" }, { "vulnerability": "VCID-b6wu-ubuv-jqeg" }, { "vulnerability": "VCID-bmba-t3ga-fuh6" }, { "vulnerability": "VCID-brne-zr1j-zqdz" }, { "vulnerability": "VCID-btua-a1pr-mbbe" }, { "vulnerability": "VCID-busw-m81p-67ch" }, { "vulnerability": "VCID-cmad-nxc3-3ugn" }, { "vulnerability": "VCID-dc3y-6mb9-6fe1" }, { "vulnerability": "VCID-dcer-1uh1-a7h9" }, { "vulnerability": "VCID-e1b9-bq4b-9fh7" }, { "vulnerability": "VCID-eygy-bzey-7yaq" }, { "vulnerability": "VCID-f8m6-a9a9-juhw" }, { "vulnerability": "VCID-fedc-anrx-ufg2" }, { "vulnerability": "VCID-fj84-9g1p-vfa5" }, { "vulnerability": "VCID-fxfn-jq82-n3fy" }, { "vulnerability": "VCID-fzjt-qse7-kbd5" }, { "vulnerability": "VCID-ggf4-u8qd-eff7" }, { "vulnerability": "VCID-gvr1-zbs9-sffy" }, { "vulnerability": "VCID-gyyj-1jxm-vfbu" }, { "vulnerability": "VCID-hagb-nxwq-tbg3" }, { "vulnerability": "VCID-hbcj-83rp-jbd4" }, { "vulnerability": "VCID-hcfa-1wq4-wyga" }, { "vulnerability": "VCID-hdpy-kfn8-sbba" }, { "vulnerability": "VCID-je2z-mcvk-gqhp" }, { "vulnerability": "VCID-jerx-5eyv-ebeq" }, { "vulnerability": "VCID-jmx4-vvk4-ykdk" }, { "vulnerability": "VCID-kbee-zr5j-hkat" }, { "vulnerability": "VCID-keaw-uz84-9qer" }, { "vulnerability": "VCID-kua2-9yb8-gkgq" }, { "vulnerability": "VCID-mczu-b3e6-5bgb" }, { "vulnerability": "VCID-me7g-49jk-63c2" }, { "vulnerability": "VCID-mksq-kg9m-uqdz" }, { "vulnerability": "VCID-mm2r-t2rz-7ygp" }, { "vulnerability": "VCID-mmba-qzvj-37df" }, { "vulnerability": "VCID-mnd4-84rp-mbb4" }, { "vulnerability": "VCID-mpe4-db65-4qab" }, { "vulnerability": "VCID-mqsb-hzpy-5ygv" }, { "vulnerability": "VCID-ncbk-mcwh-3fa3" }, { "vulnerability": "VCID-nd4s-mcgx-s3bs" }, { "vulnerability": "VCID-nh3m-s7fe-bqek" }, { "vulnerability": "VCID-njsb-3b47-77hk" }, { "vulnerability": "VCID-nn2u-snsx-83hq" }, { "vulnerability": "VCID-nypa-dv6a-aydu" }, { "vulnerability": "VCID-nyyv-c55j-pyea" }, { "vulnerability": "VCID-pusx-pa1h-yyfu" }, { "vulnerability": "VCID-pxev-85t8-fug6" }, { "vulnerability": "VCID-pyt1-g2tu-eqb4" }, { "vulnerability": "VCID-qgsm-c5dq-bfb8" }, { "vulnerability": "VCID-qndq-e3vk-ybeu" }, { "vulnerability": "VCID-qwbu-jvxv-bbej" }, { "vulnerability": "VCID-qxax-card-uyfy" }, { "vulnerability": "VCID-r16a-n5nn-nybp" }, { "vulnerability": "VCID-rffd-vnyj-puc3" }, { "vulnerability": "VCID-rkns-keya-cyfj" }, { "vulnerability": "VCID-rnva-ys32-7kbu" }, { "vulnerability": "VCID-rxgn-xep7-fya7" }, { "vulnerability": "VCID-ry6a-46j6-ybgk" }, { "vulnerability": "VCID-saxs-fd9n-cyem" }, { "vulnerability": "VCID-shdw-sqhu-v3aa" }, { "vulnerability": "VCID-sqfw-zhmk-mkbe" }, { "vulnerability": "VCID-st54-u8tz-33gs" }, { "vulnerability": "VCID-t8bg-6rsw-ebf8" }, { "vulnerability": "VCID-tnh1-zjdq-6qhd" }, { "vulnerability": "VCID-tnhg-2f5h-cfaa" }, { "vulnerability": "VCID-tpdy-ttbh-5kh6" }, { "vulnerability": "VCID-udcs-da57-q7hs" }, { "vulnerability": "VCID-uwda-x8ud-b7ht" }, { "vulnerability": "VCID-v4er-vyja-qffa" }, { "vulnerability": "VCID-v7k3-6juv-47gr" }, { "vulnerability": "VCID-vk99-umu1-2bag" }, { "vulnerability": "VCID-vser-kewx-akh4" }, { "vulnerability": "VCID-vx2e-zgfx-dkau" }, { "vulnerability": "VCID-vxjj-cqyk-w3hd" }, { "vulnerability": "VCID-w2kf-rnn3-huc8" }, { "vulnerability": "VCID-wevg-rszb-9ufb" }, { "vulnerability": "VCID-wjjc-1wyd-87fp" }, { "vulnerability": "VCID-x6wa-636e-zugv" }, { "vulnerability": "VCID-xcd3-cznv-xuc8" }, { "vulnerability": "VCID-xk96-csb5-syac" }, { "vulnerability": "VCID-xkm6-uy8d-x3cq" }, { "vulnerability": "VCID-y3z3-emkf-bug3" }, { "vulnerability": "VCID-yabf-1cc1-v7dk" }, { "vulnerability": "VCID-yc6q-h53h-9khy" }, { "vulnerability": "VCID-z2u9-jd5w-rkb5" }, { "vulnerability": "VCID-z6hg-axpc-1qht" }, { "vulnerability": "VCID-z6nc-29bh-77h9" }, { "vulnerability": "VCID-z8aj-6xyd-fkfq" }, { "vulnerability": "VCID-zptc-hpne-x7at" }, { "vulnerability": "VCID-zqb9-5v29-xbc6" }, { "vulnerability": "VCID-ztbp-3phk-zkeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" } ], "aliases": [ "CVE-2016-3248", "GHSA-q6mv-8vh9-4ggj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x298-tj5u-j3de" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.ChakraCore@1.2.0" }