A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka âScripting Engine Security Feature Bypass Vulnerability.â This affects Microsoft Edge, ChakraCore.
github.com/chakra-core/ChakraCore
github.com/chakra-core/ChakraCore/commit/4196f8097afdcc5fe01ce2966871712fb24003a3
nvd.nist.gov/vuln/detail/CVE-2018-8276
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276
web.archive.org/web/20210124183457/www.securityfocus.com/bid/104626
web.archive.org/web/20211202002348/www.securitytracker.com/id/1041256