Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-WC43-7WJ6-4GGR
HistoryAug 02, 2021 - 5:29 p.m.

Remote code execution in ChakraCore

2021-08-0217:29:09
Google
osv.dev
8

4.2 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.6%

JSON

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2020-1057, CVE-2020-1172.

Related

github 3
osv 5
kaspersky 1
mscve 3
veracode 2
prion 3
cve 3
openvas 7
mskb 7
nessus 7
avleonov 1
github
github
Remote code execution in ChakraCore
2021-08-02 17:29:01
Remote code execution in ChakraCore
2021-08-02 17:28:53
Remote code execution in ChakraCore
2021-08-02 17:29:09
osv
osv
Remote code execution in ChakraCore
2021-08-02 17:29:01
Remote code execution in ChakraCore
2021-08-02 17:28:53
CVE-2020-1057
2020-09-11 17:15:18
kaspersky
kaspersky
KLA11954 Multiple vulnerabilities in Microsoft Browsers
2020-09-08 00:00:00
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2020-09-08 07:00:00
Scripting Engine Memory Corruption Vulnerability
2020-09-08 07:00:00
Scripting Engine Memory Corruption Vulnerability
2020-09-08 07:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-09-14 04:26:30
Remote Code Execution (RCE)
2020-09-14 04:33:15
prion
prion
Remote code execution
2020-09-11 17:15:00
Remote code execution
2020-09-11 17:15:00
Remote code execution
2020-09-11 17:15:00
cve
cve
CVE-2020-1057
2020-09-11 17:15:00
CVE-2020-1180
2020-09-11 17:15:00
CVE-2020-1172
2020-09-11 17:15:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4577049)
2020-09-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4577041)
2020-09-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4577015)
2020-09-09 00:00:00
mskb
mskb
September 8, 2020—KB4577049 (OS Build 10240.18696)
2021-02-09 08:00:00
September 8, 2020—KB4577041 (OS Build 16299.2107)
2020-10-13 07:00:00
September 8, 2020—KB4577015 (OS Build 14393.3930)
2021-02-09 08:00:00
nessus
nessus
KB4577049: Windows 10 September 2020 Security Update
2020-09-08 00:00:00
KB4577041: Windows 10 Version 1709 September 2020 Security Update
2020-09-08 00:00:00
KB4577015: Windows 10 Version 1607 and Windows Server 2016 September 2020 Security Update
2020-09-08 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday September 2020: Zerologon and other exploits, RCEs in SharePoint and Exchange
2020-09-30 23:46:21

4.2 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.6%

JSON
Related for OSV:GHSA-WC43-7WJ6-4GGR
github3osv5kaspersky1mscve3veracode2prion3cve3openvas7mskb7nessus7avleonov1