CVE-2020-0831: Out-of-bounds Write in ChakraCore
7.5
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.87674%
CWE
Published
7/28/2021
Updated
2/1/2023
KEV Status
No
Technology
C#
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
Microsoft.ChakraCore | nuget | < 1.11.17 | 1.11.17 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The provided vulnerability information describes an out-of-bounds write in ChakraCore (CVE-2020-0831) but does not include specific code references, GitHub patches, commit diffs, or function names. While the CWE-787 suggests memory corruption due to improper bounds checking, identifying the exact vulnerable functions requires analyzing the patched code or security bulletins detailing the affected code paths. Publicly available sources (NVD, GitHub Advisory) do not disclose technical specifics like function names or file paths. Historical ChakraCore vulnerabilities often involve JIT compiler optimizations or array handling, but without explicit evidence, high-confidence identification is impossible.