EPSS
Percentile
91.6%
ChakraCore is vulnerable to remote code execution (RCE). This is due to how the scripting engine handles objects in memory, allowing a remote attacker to execute arbitrary code in the context of the current user.
github.com/Microsoft/ChakraCore/pull/6016
github.com/Microsoft/ChakraCore/wiki/Roadmap#v1116
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769