0.006 Low
EPSS
Percentile
78.3%
microsoft.chakracore is vulnerable to remote code execution (RCE). The vulnerability exists due to a type confusion in lib/Backend/BackwardPass.cpp.
lib/Backend/BackwardPass.cpp
github.com/microsoft/ChakraCore/commit/c70af488e435ebd552f3da0547dee39dc8437a64
github.com/microsoft/ChakraCore/pull/6243
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1195