microsoft.chakracore is vulnerable to remote code execution (RCE) attacks. The library does not call the ImplicitCallFlags during code interpretation, leading to arbitrary code being injected and executed.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.10.0 | |
microsoft.chakracore.vc140 | le | 1.10.0 |