CVE-2017-11767: Improper Restriction of Operations within the Bounds of a Memory Buffer
(updated )
ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in memory, aka “Scripting Engine Memory Corruption Vulnerability”.
References
Detect and mitigate CVE-2017-11767 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →