CVE-2020-1057
nuget/Microsoft.ChakraCore
Improper Restriction of Operations within the Bounds of a Memory Buffer
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1172, CVE-2020-1180.
All versions before 1.11.22
Upgrade to version 1.11.22 or above.
2020-09-15
source |