Microsoft.Chakracore is vulnerable to a remote code execution (RCE) attack. The library does not properly handle objects in memory in the GlobOpt::CheckJsArrayKills
function in lib/Backend/GlobOpt.cpp
, allowing a malicious user to inject and execute arbitrary code.