Microsoft.ChakraCore is vulnerable to remote code execution (RCE). The library does not merge block data properly for loops, leading to an invalid pointer read that can crash the application or cause arbitrary code to be executed.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft.chakracore | le | 1.10.1 | |
microsoft.chakracore.vc140 | le | 1.10.1 |