High severity7.5NVD Advisory· Published Jan 10, 2018· Updated Jun 17, 2026
CVE-2018-0818
CVE-2018-0818
Description
Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine handles accessing memory, aka "Scripting Engine Security Feature Bypass".
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.ChakraCoreNuGet | < 1.8.0 | 1.8.0 |
Affected products
2- Microsoft Corporation/ChakraCorev5Range: ChakraCore
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/102412nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-fv8m-p45w-gf38ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-0818ghsaADVISORY
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0818nvdVendor AdvisoryWEB
- github.com/chakra-core/ChakraCore/pull/4427ghsaWEB
- github.com/chakra-core/ChakraCore/pull/4427/commits/84368681cf5cf1d33364638e2cd463ad1b13eba6ghsaWEB
- web.archive.org/web/20210124130147/http://www.securityfocus.com/bid/102412ghsaWEB
News mentions
0No linked articles in our index yet.