Опубликовано: 08 авг. 2024
Источник: github
Github: Прошло ревью
CVSS4: 6.3
CVSS3: 3.7
Описание
CosmWasm wasmd has large address count in ValidateBasic
Component: wasmd Criticality: Low (ACMv1: I:Moderate; L:Unlikely) Patched versions: wasmd 0.52.0
In multiple wasmd message types it was possible to add a large number of addresses which might lead to unexpected resource consumption in ValidateBasic.
See CWA-2024-003 for more details.
Пакеты
Наименование
github.com/CosmWasm/wasmd
go
Затронутые версииВерсия исправления
< 0.52
0.52
6.3 Medium
CVSS4
3.7 Low
CVSS3
Дефекты
CWE-400
6.3 Medium
CVSS4
3.7 Low
CVSS3
Дефекты
CWE-400