CVE-2020-1180
nuget/Microsoft.ChakraCore
Out-of-bounds Write
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1057, CVE-2020-1172.
All versions before 1.11.22
Upgrade to version 1.11.22 or above.
2020-09-18
source |