Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:nuget/Microsoft.ChakraCore@1.2.2
purl pkg:nuget/Microsoft.ChakraCore@1.2.2
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (10)
Vulnerability Summary Aliases
VCID-32j3-4v7m-q7e7 Improper Restriction of Operations within the Bounds of a Memory Buffer The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and CVE-2016-7194. CVE-2016-7190
GHSA-w4mj-xwvw-382f
VCID-ew1q-amsf-8kbb ChakraCore RCE Vulnerability The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. CVE-2016-7200
GHSA-5whg-j5fv-xcm2
VCID-h5bt-x8f3-p3fw Improper Restriction of Operations within the Bounds of a Memory Buffer The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7242, and CVE-2016-7243. CVE-2016-7240
GHSA-hh3v-5chw-wgh7
VCID-jwbu-3ms6-sfa4 Improper Restriction of Operations within the Bounds of a Memory Buffer The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. CVE-2016-7203
GHSA-wcvc-rhfj-997g
VCID-khvw-em85-uqb5 Improper Restriction of Operations within the Bounds of a Memory Buffer The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and CVE-2016-7190. CVE-2016-7194
GHSA-36c3-jcm2-rm3j
VCID-mw28-ry9r-kfcx Improper Restriction of Operations within the Bounds of a Memory Buffer The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. CVE-2016-7202
GHSA-mmfq-r3rg-8r7w
VCID-n7vb-wq1t-7yeq Improper Restriction of Operations within the Bounds of a Memory Buffer The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7242. CVE-2016-7243
GHSA-77qc-gp37-hr26
VCID-tpnr-m431-fuh7 ChakraCore RCE Vulnerability The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. CVE-2016-7201
GHSA-4f5g-j7wg-7w8j
VCID-w3s1-6pyy-z7hp Improper Restriction of Operations within the Bounds of a Memory Buffer The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. CVE-2016-7208
GHSA-vx5c-598g-qpg6
VCID-w5rk-whjd-vuhs Improper Restriction of Operations within the Bounds of a Memory Buffer The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, and CVE-2016-7243. CVE-2016-7242
GHSA-p6f4-h6w5-9jmc

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:43:36.735457+00:00 GitLab Importer Fixing VCID-w5rk-whjd-vuhs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7242.yml 38.6.0
2026-06-02T04:43:35.913614+00:00 GitLab Importer Fixing VCID-khvw-em85-uqb5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7194.yml 38.6.0
2026-06-02T04:43:35.840313+00:00 GitLab Importer Fixing VCID-jwbu-3ms6-sfa4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7203.yml 38.6.0
2026-06-02T04:43:32.607388+00:00 GitLab Importer Fixing VCID-h5bt-x8f3-p3fw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7240.yml 38.6.0
2026-06-02T04:43:28.247460+00:00 GitLab Importer Fixing VCID-ew1q-amsf-8kbb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7200.yml 38.6.0
2026-06-02T04:43:22.481177+00:00 GitLab Importer Fixing VCID-mw28-ry9r-kfcx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7202.yml 38.6.0
2026-06-02T04:43:21.844414+00:00 GitLab Importer Fixing VCID-w3s1-6pyy-z7hp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7208.yml 38.6.0
2026-06-02T04:43:10.743063+00:00 GitLab Importer Fixing VCID-32j3-4v7m-q7e7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7190.yml 38.6.0
2026-06-02T04:43:10.668236+00:00 GitLab Importer Fixing VCID-tpnr-m431-fuh7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7201.yml 38.6.0
2026-06-02T04:43:08.946858+00:00 GitLab Importer Fixing VCID-n7vb-wq1t-7yeq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.ChakraCore/CVE-2016-7243.yml 38.6.0