EPSS
Percentile
90.1%
ChakraCore is vulnerable to remote code execution (RCE). This is due to how the scripting engine handles objects in memory, allowing a remote attacker to execute arbitrary code in the context of the current user.
github.com/microsoft/ChakraCore/pull/6155
github.com/Microsoft/ChakraCore/wiki/Roadmap#v11110
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052