CVE-2019-0769

HIGH7.5EPSS 6.8%

High severity vulnerability that affects Microsoft.ChakraCore

Published: 4/9/2019Modified: 11/8/2023

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.

Affected packages (1)

NuGet/Microsoft.ChakraCorefrom 0, < 1.11.7

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References (3)

ADVISORYhttps://github.com/advisories/GHSA-8qh8-cv77-h83g
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-0769
WEBhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769