0.006 Low
EPSS
Percentile
78.3%
microsoft.chakracore is vulnerable to remote code execution (RCE). The vulnerability exists through a JIT type confusion in lib/Backend/GlobOpt.cpp.
lib/Backend/GlobOpt.cpp
github.com/microsoft/ChakraCore/commit/329d9d213e7b286349c0b156be4b5a088555de90
github.com/microsoft/ChakraCore/pull/6243
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1141