CVE-2019-0592

HIGH7.5EPSS 44.8%

High severity vulnerability that affects Microsoft.ChakraCore

Published: 4/9/2019Modified: 11/8/2023

Description

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0611.

Affected packages (1)

NuGet/Microsoft.ChakraCorefrom 0, < 1.11.7

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References (3)

ADVISORYhttps://github.com/advisories/GHSA-fv38-4c3m-25v8
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-0592
WEBhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592