Описание
ChakraCore information disclosure vulnerability
ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0891.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-0939
- https://github.com/chakra-core/ChakraCore/commit/090277e7a5ea1d938777acb92e7b6759936ea974
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0939
- https://web.archive.org/web/20201021051922/http://www.securitytracker.com/id/1040507
- https://web.archive.org/web/20210124145017/http://www.securityfocus.com/bid/103305
Пакеты
Наименование
Microsoft.ChakraCore
nuget
Затронутые версииВерсия исправления
< 1.8.2
1.8.2
Связанные уязвимости
CVSS3: 4.3
nvd
больше 7 лет назад
ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0891.
