CVE-2020-0768: Out-of-bounds write in ChakraCore
7.5
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.86747%
CWE
Published
8/2/2021
Updated
2/1/2023
KEV Status
No
Technology
C#
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
Microsoft.ChakraCore | nuget | < 1.11.17 | 1.11.17 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The provided vulnerability information describes an out-of-bounds write in ChakraCore (CVE-2020-0768) but does not include specific technical details about the vulnerable code paths, commit diffs, or patched functions. While the CWE-787 classification indicates a memory corruption issue in object handling, Microsoft's advisory and NVD/CVE descriptions lack concrete references to function names, file paths, or implementation details required to identify specific vulnerable functions. Without access to the GitHub
patch details, commit history, or ChakraCore
source code analysis demonstrating the faulty code location, we cannot confidently map this vulnerability to specific functions with high confidence.