-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| Microsoft.ChakraCore | nuget | < 1.4.3 | 1.4.3 |
Miggo AIRoot Cause AnalysisThe commit diff shows the vulnerability was fixed by replacing direct 'm_charLength' assignment with SetLength() which performs overflow checks. The test case added (repeatBug.js) demonstrates that excessively large repeat counts could trigger this flaw. The constructor's lack of bounds checking prior to the patch matches the CVE description of improper memory handling in string operations.
C#C#Ongoing coverage of React2Shell