23 matches found
EUVD-2025-18117
Malicious code in bioql PyPI...
Integer Overflow
github.com/cosmwasm/wasmd is vulnerable to integer overflow. The vulnerability is due to a contract error being ignored during IBC channel initialization, allowing the channel to open despite the error...
GO-2025-3755 CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error in github.com/CosmWasm/wasmd
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error in github.com/CosmWasm/wasmd...
GHSA-79XG-Q4QM-7V9W CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
Denial Of Service (DoS)
github.com/CosmWasm/wasmd is vulnerable to Denial Of Service DoS. The vulnerability is due to an uncaught exception caused by simulation of Wasmd message...
GO-2024-3319 Simulation of Wasmd message can cause crashing in github.com/CosmWasm/wasmd
Simulation of Wasmd message can cause crashing in github.com/CosmWasm/wasmd...
Simulation of Wasmd message can cause crashing
CWA-2024-009 Severity Low Marginal + Likely^1 Affected versions: - wasmd 0.53.1 Patched versions: - wasmd 0.53.2 please note that wasmd 0.53.1 is broken and must not be used Description of the bug Blank for now. We'll add more detail once chains had a chance to upgrade. Mitigations Apart from...
GHSA-VMG2-R3XV-R3XF Simulation of Wasmd message can cause crashing
CWA-2024-009 Severity Low Marginal + Likely^1 Affected versions: - wasmd 0.53.1 Patched versions: - wasmd 0.53.2 please note that wasmd 0.53.1 is broken and must not be used Description of the bug Blank for now. We'll add more detail once chains had a chance to upgrade. Mitigations Apart from...
Simulation of Wasmd message can cause crashing
CWA-2024-009 Severity Low Marginal + Likely^1 Affected versions: - wasmd 0.53.1 Patched versions: - wasmd 0.53.2 please note that wasmd 0.53.1 is broken and must not be used Description of the bug Blank for now. We'll add more detail once chains had a chance to upgrade. Mitigations Apart from...
GO-2024-3081 CWA-2024-006: wasmd non-deterministic module_query_safe query in github.com/CosmWasm/wasmd
CWA-2024-006: wasmd non-deterministic modulequerysafe query in github.com/CosmWasm/wasmd...
CWA-2024-006: wasmd non-deterministic module_query_safe query
Component: wasmd Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmd 0.53.0 See CWA-2024-006 for more details...
GHSA-FPGJ-CR28-FVPX CWA-2024-006: wasmd non-deterministic module_query_safe query
Component: wasmd Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmd 0.53.0 See CWA-2024-006 for more details...
CWA-2024-005: Stackoverflow in wasmd
Component: wasmd Criticality: High ACMv1: I:Critical; L:Likely Patched versions: wasmd 0.53.0, 0.46.0 See CWA-2024-005 for more details...
GHSA-G8W7-7VGG-X7XG CWA-2024-005: Stackoverflow in wasmd
Component: wasmd Criticality: High ACMv1: I:Critical; L:Likely Patched versions: wasmd 0.53.0, 0.46.0 See CWA-2024-005 for more details...
CWA-2024-006: wasmd non-deterministic module_query_safe query
Component: wasmd Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmd 0.53.0 See CWA-2024-006 for more details...
CWA-2024-005: Stackoverflow in wasmd
Component: wasmd Criticality: High ACMv1: I:Critical; L:Likely Patched versions: wasmd 0.53.0, 0.46.0 See CWA-2024-005 for more details...
GO-2024-3059 CosmWasm wasmd has large address count in ValidateBasic in github.com/CosmWasm/wasmd
CosmWasm wasmd has large address count in ValidateBasic in github.com/CosmWasm/wasmd...
Uncontrolled Resource Consumption
github.com/CosmWasm/wasmd is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to the ability to add a large number of addresses in multiple message types, which may lead to unexpected resource consumption in ValidateBasic...