A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1073