A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.

Affected Packages

NuGet Microsoft.ChakraCore

Affected versions: 0 (fixed in 1.11.17)

Related CVEs

CVE-2020-0826

Key Information

GHSA ID

GHSA-6cc6-66f5-mxjj

Published

July 28, 2021 6:58 PM

Last Modified

July 27, 2021 1:43 PM

CVSS Score

7.5 /10

Primary Ecosystem

NuGet

Primary Package

Microsoft.ChakraCore

GitHub Reviewed

✓ Yes

Dataset

Last updated: June 13, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.