NuGet package

microsoft.chakracore

pkg:nuget/microsoft.chakracore

Vulnerabilities (247)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-3214	Hig	8.8	< 1.3.0	1.3.0	Jun 16, 2016	The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3199.
CVE-2016-3202	Hig	7.5	< 1.2.0.0	1.2.0.0	Jun 16, 2016	The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scriptin
CVE-2016-3199	Hig	8.8	< 1.2.0.0	1.2.0.0	Jun 16, 2016	The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.
CVE-2016-0193	Hig	7.5	< 1.2.0.0	1.2.0.0	May 11, 2016	The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2
CVE-2016-0191	Hig	7.5	< 1.2.0.0	1.2.0.0	May 11, 2016	The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2
CVE-2016-0186	Hig	7.5	< 1.2.0.0	1.2.0.0	May 11, 2016	The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0191 and CVE-2
CVE-2016-0024	Hig	8.8	< 1.2.0	1.2.0	Jan 13, 2016	The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability."

CVE-2016-3214HigJun 16, 2016
affected < 1.3.0fixed 1.3.0
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3199.
CVE-2016-3202HigJun 16, 2016
affected < 1.2.0.0fixed 1.2.0.0
The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scriptin
CVE-2016-3199HigJun 16, 2016
affected < 1.2.0.0fixed 1.2.0.0
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.
CVE-2016-0193HigMay 11, 2016
affected < 1.2.0.0fixed 1.2.0.0
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2
CVE-2016-0191HigMay 11, 2016
affected < 1.2.0.0fixed 1.2.0.0
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0186 and CVE-2
CVE-2016-0186HigMay 11, 2016
affected < 1.2.0.0fixed 1.2.0.0
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0191 and CVE-2
CVE-2016-0024HigJan 13, 2016
affected < 1.2.0fixed 1.2.0
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability."

Page 13 of 13