Miggo Logo

CVE-2020-0831: Out-of-bounds Write in ChakraCore

7.5

CVSS Score
3.1

Basic Information

EPSS Score
0.87674%
Published
7/28/2021
Updated
2/1/2023
KEV Status
No
Technology
TechnologyC#

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
Microsoft.ChakraCorenuget< 1.11.171.11.17

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The provided vulnerability information describes an out-of-bounds write in ChakraCore (CVE-2020-0831) but does not include specific code references, GitHub patches, commit diffs, or function names. While the CWE-787 suggests memory corruption due to improper bounds checking, identifying the exact vulnerable functions requires analyzing the patched code or security bulletins detailing the affected code paths. Publicly available sources (NVD, GitHub Advisory) do not disclose technical specifics like function names or file paths. Historical ChakraCore vulnerabilities often involve JIT compiler optimizations or array handling, but without explicit evidence, high-confidence identification is impossible.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* r*mot* *o** *x**ution vuln*r**ility *xists in t** w*y t**t t** ***kr**or* s*riptin* *n*in* **n*l*s o*j**ts in m*mory, *k* 'S*riptin* *n*in* M*mory *orruption Vuln*r**ility'. T*is *V* I* is uniqu* *rom *V*-****-****, *V*-****-****, *V*-****-****, *V

Reasoning

T** provi*** vuln*r**ility in*orm*tion **s*ri**s *n out-o*-*oun*s writ* in ***kr**or* (*V*-****-****) *ut *o*s not in*lu** sp**i*i* *o** r***r*n**s, *it*u* p*t***s, *ommit *i**s, or *un*tion n*m*s. W*il* t** *W*-*** su***sts m*mory *orruption *u* to