Lucene search

K
githubGitHub Advisory DatabaseGHSA-88CW-3M6X-49F7
HistoryAug 02, 2021 - 5:25 p.m.

Out-of-bounds Write in ChakraCore

2021-08-0217:25:58
CWE-787
GitHub Advisory Database
github.com
29

4.2 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.05 Low

EPSS

Percentile

92.7%

Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.

CPENameOperatorVersion
microsoft.chakracorelt1.11.23

4.2 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.05 Low

EPSS

Percentile

92.7%

Related for GHSA-88CW-3M6X-49F7