EPSS
Percentile
91.6%
ChakraCore is vulnerable to remote code execution (RCE). The vulnerability exists due to a JIT type confusion error that causes memory corruption, allowing RCE attacks.
github.com/Microsoft/ChakraCore/commit/50d1e46aac450f236927b309854e77fce4acd49f
github.com/Microsoft/ChakraCore/pull/6087
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806