Privilege Escalation Affecting microsoft.chakracore Open this link in a new tab package, versions [1.2.0,1.7.5)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
18 Apr 2019
2 Dec 2017
How to fix?
Upgrade Microsoft.ChakraCore to version 1.7.5 or higher.
Affected versions of this package are vulnerable to Privilege Escalation. There is a bug in the
GetPropertyBuiltIns function of
Note: This CVE ID is different from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.