CVE-2018-8298
| CVE Published | 2018-07-11 |
|---|---|
| Related CWE(s) | CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') |
| Related Vendor(s) | microsoft |
| Related Product(s) | chakracore |
| Exploitation Reported (CISA KEV) | 2022-03-03 |
| CVSS 3 Base Score | 7.5 (HIGH) |
| CVSS 3 Attack Complexity | HIGH |
| CVSS 3 Attack Vector | NETWORK |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph