Critical severity9.8NVD Advisory· Published Aug 11, 2017· Updated Jun 17, 2026
CVE-2017-8658
CVE-2017-8658
Description
A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.ChakraCoreNuGet | < 1.6.1 | 1.6.1 |
Affected products
3- Microsoft Corporation/ChakraCorev5Range: ChakraCore V1.7.1
Patches
Vulnerability mechanics
References
7- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8658nvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/100036nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-8v2h-4jpm-3wfmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-8658ghsaADVISORY
- github.com/chakra-core/ChakraCore/commit/2500e1cdc12cb35af73d5c8c9b85656aba6bab4dghsaWEB
- github.com/chakra-core/ChakraCore/pull/3509ghsaWEB
- web.archive.org/web/20210124090857/http://www.securityfocus.com/bid/100036ghsaWEB
News mentions
0No linked articles in our index yet.