ChakraCore RCE Vulnerability

🗓️ 13 May 2022 01:48:20Reported by GitHub Advisory DatabaseType

Remote code execution vulnerability in ChakraCore scripting engine in Microsoft Edg

Reporter	Title	Published	Views	Family All 79
CVE	CVE-2018-8354	13 Sep 201800:29	–	cve
CVE	CVE-2018-8457	13 Sep 201800:29	–	cve
CVE	CVE-2018-8456	13 Sep 201800:29	–	cve
CVE	CVE-2018-8391	13 Sep 201800:29	–	cve
CVE	CVE-2018-8459	13 Sep 201800:29	–	cve
Cvelist	CVE-2018-8391	13 Sep 201800:00	–	cvelist
Cvelist	CVE-2018-8354	13 Sep 201800:00	–	cvelist
Cvelist	CVE-2018-8456	13 Sep 201800:00	–	cvelist
Cvelist	CVE-2018-8459	13 Sep 201800:00	–	cvelist
Cvelist	CVE-2018-8457	13 Sep 201800:00	–	cvelist

Vulners

Node

microsoft chakracoreRange<1.11.1

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-8354
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8354
github	www.github.com/chakra-core/ChakraCore/pull/5688
github	www.github.com/chakra-core/ChakraCore/commit/5192cdc08a030a580ba15d1d9aa50f81a6d92211
web	www.web.archive.org/web/20210124202704/http://www.securityfocus.com/bid/105232
web	www.web.archive.org/web/20210517133345/http://www.securitytracker.com/id/1041623
github	www.github.com/advisories/GHSA-6g23-fww6-rfrj

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 May 2022 01:20Current

7.3High risk

Vulners AI Score7.3

CVSS27.6

CVSS37.5

EPSS0.05554

CWE-787