Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:7805
HistoryNov 15, 2018 - 7:53 a.m.

Remote Code Execution (RCE)

2018-11-1507:53:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12

EPSS

0.09

Percentile

94.7%

Microsoft.Chakracore is vulnerable to a remote code execution (RCE) attack. The library does not handle objects in the Scanner::LineLength function in lib/Parser/Scan.cpp, allowing a malicious user to inject and execute arbitrary code.