CVE-2019-0769

HIGH7.5EPSS 6.8%

High severity vulnerability that affects Microsoft.ChakraCore

發布日:2019/4/9修改日:2023/11/8

描述

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.

受影響套件(1)

NuGet/Microsoft.ChakraCorefrom 0, < 1.11.7

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

參考連結(3)

ADVISORYhttps://github.com/advisories/GHSA-8qh8-cv77-h83g
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-0769
WEBhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769