Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-jhx3-2w5x-x39x

GitHub Security Advisory

Microsoft.ChakraCore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'.

Affected Packages

NuGet Microsoft.ChakraCore
Affected versions: 0 (fixed in 1.11.7)

Related CVEs

CVE-2019-0746

Key Information

GHSA ID
GHSA-jhx3-2w5x-x39x
Published
April 9, 2019 7:43 PM
Last Modified
September 17, 2022 12:21 AM
CVSS Score
5.0 /10
Primary Ecosystem
NuGet
Primary Package
Microsoft.ChakraCore
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 28, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.