VulnerableCode Package Details - pkg:nuget/Microsoft.ChakraCore@1.8.1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1d45-g18p-kkay	Out-of-bounds Write ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0858 GHSA-7gjv-9m33-chg8
VCID-41ed-s35k-8uaa	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0856 GHSA-399v-jg88-3gx6
VCID-8ewe-v59k-4kfj	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0857 GHSA-q9x6-7hjh-q9fc
VCID-a661-axjh-ykct	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0837 GHSA-h9wf-mpvf-9jqg
VCID-cy9w-cuk8-73bk	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0860 GHSA-v3xp-3wpq-rvhp
VCID-dq6q-2z3d-vyh6	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0859 GHSA-9pvj-pgg9-pvqq
VCID-s9e8-hvkt-tyfc	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0834 GHSA-5j48-826p-2w9r
VCID-sdga-u536-1fam	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0836 GHSA-m8x8-5ch7-c5w9
VCID-ssp4-qvzu-tqff	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0835 GHSA-3cwf-pwcg-57xr
VCID-x99r-qvdv-t3hz	Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.	CVE-2018-0838 GHSA-j762-mr2c-fmp9

Vulnerability

Summary

Aliases

VCID-1d45-g18p-kkay

Out-of-bounds Write ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0858
GHSA-7gjv-9m33-chg8

VCID-41ed-s35k-8uaa

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0856
GHSA-399v-jg88-3gx6

VCID-8ewe-v59k-4kfj

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0857
GHSA-q9x6-7hjh-q9fc

VCID-a661-axjh-ykct

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0837
GHSA-h9wf-mpvf-9jqg

VCID-cy9w-cuk8-73bk

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0860
GHSA-v3xp-3wpq-rvhp

VCID-dq6q-2z3d-vyh6

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0859
GHSA-9pvj-pgg9-pvqq

VCID-s9e8-hvkt-tyfc

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0834
GHSA-5j48-826p-2w9r

VCID-sdga-u536-1fam

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0836
GHSA-m8x8-5ch7-c5w9

VCID-ssp4-qvzu-tqff

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0835
GHSA-3cwf-pwcg-57xr

VCID-x99r-qvdv-t3hz

Out-of-bounds Write Microsoft Edge and ChakraCore in Microsoft Windows Gold, and Windows Server allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.

CVE-2018-0838
GHSA-j762-mr2c-fmp9

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T00:57:22.475386+00:00	GHSA Importer	Fixing	VCID-1d45-g18p-kkay	https://github.com/advisories/GHSA-7gjv-9m33-chg8	38.6.0
2026-05-31T00:57:22.430338+00:00	GHSA Importer	Fixing	VCID-41ed-s35k-8uaa	https://github.com/advisories/GHSA-399v-jg88-3gx6	38.6.0
2026-05-31T00:57:22.392750+00:00	GHSA Importer	Fixing	VCID-8ewe-v59k-4kfj	https://github.com/advisories/GHSA-q9x6-7hjh-q9fc	38.6.0
2026-05-31T00:57:22.338890+00:00	GHSA Importer	Fixing	VCID-dq6q-2z3d-vyh6	https://github.com/advisories/GHSA-9pvj-pgg9-pvqq	38.6.0
2026-05-31T00:57:22.296303+00:00	GHSA Importer	Fixing	VCID-cy9w-cuk8-73bk	https://github.com/advisories/GHSA-v3xp-3wpq-rvhp	38.6.0
2026-05-31T00:57:22.262445+00:00	GHSA Importer	Fixing	VCID-x99r-qvdv-t3hz	https://github.com/advisories/GHSA-j762-mr2c-fmp9	38.6.0
2026-05-31T00:57:22.222803+00:00	GHSA Importer	Fixing	VCID-a661-axjh-ykct	https://github.com/advisories/GHSA-h9wf-mpvf-9jqg	38.6.0
2026-05-31T00:57:22.177317+00:00	GHSA Importer	Fixing	VCID-sdga-u536-1fam	https://github.com/advisories/GHSA-m8x8-5ch7-c5w9	38.6.0
2026-05-31T00:57:22.119456+00:00	GHSA Importer	Fixing	VCID-s9e8-hvkt-tyfc	https://github.com/advisories/GHSA-5j48-826p-2w9r	38.6.0
2026-05-31T00:57:22.076386+00:00	GHSA Importer	Fixing	VCID-ssp4-qvzu-tqff	https://github.com/advisories/GHSA-3cwf-pwcg-57xr	38.6.0
2026-05-30T20:58:42.377826+00:00	GitLab Importer	Fixing	VCID-cy9w-cuk8-73bk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2018-0860.yml	38.6.0