Remote code execution in ChakraCore
High severity
GitHub Reviewed
Published
Aug 2, 2021
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Sep 11, 2020
Reviewed
May 4, 2021
Published to the GitHub Advisory Database
Aug 2, 2021
Last updated
Feb 1, 2023
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1057, CVE-2020-1172.
References