Home

CVE-2018-8391

Description

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka Scripting Engine Memory Corruption Vulnerability. This affects ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459.

Risk Information

Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
15.416

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in Nuget - Microsoft.ChakraCore 1.11.1Windows
Multiple vulnerabilities are fixed in Nuget - Microsoft.ChakraCore for Linux 1.11.1Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234