CISA description
The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.
CVE-2018-8298
ChakraCore · ChakraCore scripting engine
ChakraCore Scripting Engine Type Confusion Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.