Microsoft.ChakraCore is vulnerable to remote code execution (RCE) attacks. The library does not properly handle fixed deferred functions, leading to an Out-Of-Bounds read/write that can crash the application or cause arbitrary code to be executed.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.10.1 | |
microsoft.chakracore.vc140 | le | 1.10.1 |