-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe commit diff shows both functions replaced Assert with AssertOrFailFast to validate 'profiledCallSiteId' against GetProfiledCallSiteCount(). The original Assert statements (which are debug-only checks) allowed out-of-bounds access in release builds, enabling memory corruption. The vulnerability title explicitly mentions 'construct Caches array out-of-bounds', directly implicating these cache management functions.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| Microsoft.ChakraCore | nuget | < 1.11.6 | 1.11.6 |
C#C#