cauuu (>=0.1.0 <=0.1.1), cosmwasm-check (>=1.1.0 <=1.3.4) +16 more potentially affected by unknown CVE via cosmwasm-vm (>=0.10.1 <=1.3.4)

cosmwasm-vm CARGO version =0.10.1, =0.1.0, =1.1.0, =0.13.2, =0.4.0, =0.4.0, =0.2.0, =0.4.0, =0.2.0, =0.2.1, =0.1.12, =0.1.13 - terra-math =0.0.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-MX2J-7CMV-353C...

cauuu (>=0.1.0 <=0.1.1), cosmwasm-check (>=1.1.0 <=1.3.4) +16 more potentially affected by unknown CVE via cosmwasm-vm (>=0.10.1 <=1.3.4)

cosmwasm-vm CARGO version =0.10.1, =0.1.0, =1.1.0, =0.13.2, =0.4.0, =0.4.0, =0.2.0, =0.4.0, =0.2.0, =0.2.1, =0.1.12, =0.1.13 - terra-math =0.0.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-2Q97-M5RC-P3GP...

CosmWasm VM Incorrect metering

CWA-2024-007 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.1.0, = 2.0.0, = 2.1.0, = 2.0.0, query wasm libwasmvm-version. It must show 1.5...

CosmWasm VM Incorrect metering

CWA-2024-007 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.1.0, = 2.0.0, = 2.1.0, = 2.0.0, query wasm libwasmvm-version. It must show 1.5...

PT-2024-40482 · Wasmvm +1 · Wasmvm +1

Name of the Vulnerable Software and Affected Versions: wasmvm versions 2.1.0 through 2.1.2 wasmvm versions 2.0.0 through 2.0.3 wasmvm versions prior to 1.5.5 cosmwasm-vm versions 2.1.0 through 2.1.3 cosmwasm-vm versions 2.0.0 through 2.0.6 cosmwasm-vm versions prior to 1.5.8 Description: The issu...

PT-2024-40031 · Wasmvm +1 · Wasmvm +1

Name of the Vulnerable Software and Affected Versions: wasmvm versions 2.1.0 through 2.1.2 wasmvm versions 2.0.0 through 2.0.3 wasmvm versions prior to 1.5.5 cosmwasm-vm versions 2.1.0 through 2.1.3 cosmwasm-vm versions 2.0.0 through 2.0.6 cosmwasm-vm versions prior to 1.5.8 Description: The issu...

cauuu (>=0.1.0 <=0.1.1), cosmwasm-simulate (>=0.13.2 <=0.13.6) +10 more potentially affected by unknown CVE via cosmwasm-vm (>=0.10.1 <=0.9.4)

cosmwasm-vm CARGO version =0.10.1, =0.1.0, =0.13.2, =0.4.0, =0.4.0, =0.2.0, =0.4.0, =0.2.0, =0.2.1, =0.1.12, =0.1.13 - terra-math =0.0.0 - terraswap =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-75QH-GG76-P2W4...

cauuu (>=0.1.0 <=0.1.1), cosmwasm-check (>=1.1.0 <=1.3.4) +16 more potentially affected by unknown CVE via cosmwasm-vm (>=0.10.1 <=1.3.4)

cosmwasm-vm CARGO version =0.10.1, =0.1.0, =1.1.0, =0.13.2, =0.4.0, =0.4.0, =0.2.0, =0.4.0, =0.2.0, =0.2.1, =0.1.12, =0.1.13 - terra-math =0.0.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-RG2Q-2JH9-447Q...

cauuu (>=0.1.0 <=0.1.1), cosmwasm-check (>=1.1.0 <=1.3.4) +16 more potentially affected by unknown CVE via cosmwasm-vm (>=0.10.1 <=1.3.4)

cosmwasm-vm CARGO version =0.10.1, =0.1.0, =1.1.0, =0.13.2, =0.4.0, =0.4.0, =0.2.0, =0.4.0, =0.2.0, =0.2.1, =0.1.12, =0.1.13 - terra-math =0.0.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0361...

RUSTSEC-2024-0361 CWA-2024-004: Gas mispricing in cosmwasm-vm

Some Wasm operations take significantly more gas than our benchmarks indicated. This can lead to missing the gas target we defined by a factor of 10x. This means a malicious contract could take 10 times as much time to execute as expected, which can be used to temporarily DoS a chain. For more...

Gas mispricing in cosmwasm-vm

Component: wasmvm Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmvm 1.5.3, 2.0.2, 2.1.1...

Gas mispricing in cosmwasm-vm

Component: wasmvm Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmvm 1.5.3, 2.0.2, 2.1.1...

aquamarine-vm (>=0.1.0 <=0.5.2), ashpaper-plus (>=0.5.0 <=0.5.1) +140 more potentially affected by CVE-2021-32629 via cranelift-codegen (>=0.14.0 <=0.72.0)

cranelift-codegen CARGO version =0.14.0, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =0.2.9, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.26.1, =0.13.2, =0.8.0, =0.14.0, =0.14.0, =0.66.0 and more Source cves: CVE-2021-32629 Source advisory: OSV:GHSA-HPQH-2WQX-7QP5...