What is the severity of CVE-2018-8298?

CVE-2018-8298 has a CVSS Base Score of 7.5/10 and is classified as High severity. It is important to assess the risk based on your specific environment.

How do I fix CVE-2018-8298?

Remediation typically involves updating the affected software products to the latest patched version. Refer to the 'Affected Products' and 'Remediation' sections on this page for specific mitigation steps and vendor advisories.

Home→Vulnerabilities→CVE-2018-8298

Active Exploitation

CVE-2018-8298

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296.

Share this vulnerability:

⚠️

Confirmed Active Exploitation

This vulnerability is listed in the CISA KEV Catalog. Federal agencies are mandated to patch immediately. Immediate remediation is required.

🚨

Public Exploit Available

A Proof-of-Concept (PoC) or exploit code for this vulnerability is publicly available. This significantly increases the risk of exploitation.

Exploitation Probability (EPSS)

Critical Priority

89.34%

The Exploit Prediction Scoring System (EPSS) uses machine learning to estimate the probability that a vulnerability will be exploited in the wild within the next 30 days.

0% (Theoretical)100% (Certainty)