HIGH 7.5 NuGet
ChakraCore Remote Code Execution Vulnerability
GHSA-8xv4-c7rq-j577 · CVE-2020-1037
Published · Modified
Description
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-1037
- WEB https://github.com/chakra-core/ChakraCore/pull/6447
- WEB https://github.com/chakra-core/ChakraCore/commit/73ced029e6a06fcce9fd8c886dc73e5290f2ae69
- PACKAGE https://github.com/chakra-core/ChakraCore
- WEB https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1037
Ready to move
Start Securing
Free, no credit card | First findings in minutes