Naga Security Vulnerabilities

CVE-2018-13492

The mintToken function of a smart contract implementation for naga, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

CVE-2024-36761

naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs.