The vulnerability stems from incorrect handling of multi-byte line terminators in error message processing. The commit modifies LineLength to track both character count (cch) and byte count (cb), and fixes SysAllocErrorLine to use byte count for buffer calculations. The added test cases specifically validate proper handling of multi-byte UTF-8 sequences, confirming the memory corruption stemmed from character/byte length mismatches in these functions.
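
The character/byte mismatch described above, as an added example that is not ChakraCore's code: a line measurer that tracks both counts and a copy routine that sizes its buffer from the byte count. It assumes UTF-8 input and treats U+2028/U+2029 as the multi-byte line terminators; all type and function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added illustration; all names here are hypothetical, not ChakraCore's. */
typedef struct { size_t cch; size_t cb; } line_len;  /* characters, bytes */

/* Byte width of a line terminator starting at p, or 0 if there is none. */
static size_t terminator_len(const unsigned char *p, size_t n) {
    if (n >= 1 && (p[0] == '\n' || p[0] == '\r')) return 1;
    /* U+2028 and U+2029 are E2 80 A8 and E2 80 A9 in UTF-8: 3 bytes, 1 char */
    if (n >= 3 && p[0] == 0xE2 && p[1] == 0x80 && (p[2] == 0xA8 || p[2] == 0xA9))
        return 3;
    return 0;
}

/* Measure the first line of s, tracking characters and bytes separately. */
static line_len measure_line(const unsigned char *s, size_t n) {
    line_len r = {0, 0};
    while (r.cb < n && terminator_len(s + r.cb, n - r.cb) == 0) {
        unsigned char b = s[r.cb];
        size_t w = b < 0xC0 ? 1 : b < 0xE0 ? 2 : b < 0xF0 ? 3 : 4;
        if (w > n - r.cb) w = n - r.cb;  /* truncated sequence: stay in bounds */
        r.cb += w;
        r.cch += 1;
    }
    return r;
}

/* Copy the first line into a new NUL-terminated buffer, sized in bytes. */
static char *copy_line(const unsigned char *s, size_t n, line_len *out) {
    line_len len = measure_line(s, n);
    char *buf = malloc(len.cb + 1);  /* cch + 1 would under-allocate here */
    if (buf == NULL) return NULL;
    memcpy(buf, s, len.cb);
    buf[len.cb] = '\0';
    if (out != NULL) *out = len;
    return buf;
}

int main(void) {
    /* Constructed sample: "é€x", then U+2028, then a second line. */
    const unsigned char src[] = "\xC3\xA9" "\xE2\x82\xAC" "x" "\xE2\x80\xA8" "rest";
    line_len len;
    char *line = copy_line(src, sizeof src - 1, &len);
    if (line == NULL) return 1;
    printf("cch=%zu cb=%zu\n", len.cch, len.cb);
    free(line);
    return 0;
}
```

For the constructed sample the line holds 3 characters in 6 bytes, so any allocation or copy length derived from the character count would be short by 3 bytes.
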
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| Microsoft.ChakraCore | nuget | < 1.11.3 | 1.11.3 |