microsoft.chakracore is vulnerable to remote code execution. This is due to a Use-After-Free (UAF) vulnerability in ServerScriptContext
which could lead to memory corruption and allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.8.3 | |
microsoft.chakracore.vc140 | le | 1.8.3 |