A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.

Affected Packages

NuGet Microsoft.ChakraCore

Affected versions: 0 (fixed in 1.11.7)

Related CVEs

CVE-2019-0639

Key Information

GHSA ID

GHSA-6jf5-rmhv-38cw

Published

April 9, 2019 7:44 PM

Last Modified

September 2, 2021 4:39 PM

CVSS Score

7.5 /10

Primary Ecosystem

NuGet

Primary Package

Microsoft.ChakraCore

GitHub Reviewed

✓ Yes

Dataset

Last updated: June 13, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.