0.005 Low
EPSS
Percentile
75.9%
chakracore is vulnerable to remote code execution. The vulnerability exists due to a memory corruption issue when updating the InlineeFrameDisplay.
InlineeFrameDisplay
github.com/microsoft/ChakraCore/commit/f645b2d4688dee070f01e0285e44dbabbebdf2e0
github.com/microsoft/ChakraCore/pull/6500
github.com/Microsoft/ChakraCore/wiki/Roadmap#v11122
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1172