Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:nuget/Microsoft.ChakraCore@1.7.5
purl pkg:nuget/Microsoft.ChakraCore@1.7.5
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (13)
Vulnerability Summary Aliases
VCID-5dms-spma-qyh9 Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Microsoft Edge in Windows, and Windows Server allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11914
VCID-7hu8-7sv2-mkdv Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Microsoft Edge in Windows, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11905
VCID-e1q4-b6ct-y7ec Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Windows, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11911
VCID-e692-eus6-mqhp Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Windows, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11909
VCID-erb8-qbp1-afep Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server R2 SP1, Windows and Windows RT, Windows Server R2, Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, and CVE-2017-11916. CVE-2017-11930
VCID-fjsw-u1j1-hfh2 Exposure of Sensitive Information to an Unauthorized Actor ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server R2 SP1, Windows and Windows RT, Windows Server R2, and Windows Gold, Windows Server, and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11887 and CVE-2017-11906. CVE-2017-11919
VCID-k8uz-8fk9-2qd6 Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server and R2 SP1, Windows and Windows RT, Windows Server and R2, and Internet Explorer and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11912
VCID-me85-9p1w-cfh1 Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Microsoft Edge in Windows, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11893
VCID-qr9r-tg1z-9bdb Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Windows allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11908
VCID-u3cr-r3q7-73bb Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11916
VCID-uf68-veys-ekhr Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11889
VCID-vkp8-rvx1-bqet Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Windows Gold, and Windows Server allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. CVE-2017-11910
VCID-yqx2-afv9-1qbe Improper Restriction of Operations within the Bounds of a Memory Buffer ChakraCore and Microsoft Edge in Windows Gold, and Windows Server allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, and CVE-2017-11930. CVE-2017-11918

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:37:23.234316+00:00 GitLab Importer Fixing VCID-qr9r-tg1z-9bdb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11908.yml 38.6.0
2026-06-02T04:37:23.199137+00:00 GitLab Importer Fixing VCID-7hu8-7sv2-mkdv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11905.yml 38.6.0
2026-06-02T04:37:23.163796+00:00 GitLab Importer Fixing VCID-k8uz-8fk9-2qd6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11912.yml 38.6.0
2026-06-02T04:37:23.127512+00:00 GitLab Importer Fixing VCID-uf68-veys-ekhr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11889.yml 38.6.0
2026-06-02T04:37:23.094002+00:00 GitLab Importer Fixing VCID-erb8-qbp1-afep https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11930.yml 38.6.0
2026-06-02T04:37:23.059735+00:00 GitLab Importer Fixing VCID-me85-9p1w-cfh1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11893.yml 38.6.0
2026-06-02T04:37:23.021889+00:00 GitLab Importer Fixing VCID-yqx2-afv9-1qbe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11918.yml 38.6.0
2026-06-02T04:37:22.983696+00:00 GitLab Importer Fixing VCID-e1q4-b6ct-y7ec https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11911.yml 38.6.0
2026-06-02T04:37:22.945216+00:00 GitLab Importer Fixing VCID-5dms-spma-qyh9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11914.yml 38.6.0
2026-06-02T04:37:22.906329+00:00 GitLab Importer Fixing VCID-vkp8-rvx1-bqet https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11910.yml 38.6.0
2026-06-02T04:37:22.807140+00:00 GitLab Importer Fixing VCID-u3cr-r3q7-73bb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11916.yml 38.6.0
2026-06-02T04:37:22.713616+00:00 GitLab Importer Fixing VCID-fjsw-u1j1-hfh2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11919.yml 38.6.0
2026-06-02T04:37:22.678947+00:00 GitLab Importer Fixing VCID-e692-eus6-mqhp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2017-11909.yml 38.6.0