ChakraCore is vulnerable to remote code execution (RCE). The vulnerability exists as a prototype pollution attack could occur through the value of objectPrototype
, allowing RCE attacks.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.11.6 | |
microsoft.chakracore.vc140 | le | 1.11.6 |