Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2020-0813

Good to know:

icon

Date: March 12, 2020

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created.The update addresses the vulnerability by changing the way certain functions handle objects in memory., aka 'Scripting Engine Information Disclosure Vulnerability'.

Language: JS

Severity Score

Related Resources (3)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0813
https://nvd.nist.gov/vuln/detail/CVE-2020-0813
https://www.mend.io/vulnerability-database/CVE-2020-0813

Severity Score

Weakness Type (CWE)

Information Leak / Disclosure

CWE-200

Top Fix

icon

Upgrade Version

Upgrade to version Microsoft.ChakraCore - 1.11.17

Learn More

CVSS v3

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH
Additional information:

Do you need more information?

Contact Us