Vulnerabilities for github.com-cosmos-cosmos--sdk

github.com/cosmos/cosmos-sdk

Title	Severity	Date	Affected Version
Cosmos SDK's Integer Overflow vulnerability in its Validator Rewards pool can cause a chain halt	High	Jul 8, 2025	< 0.50.14 >= 0.52.0-alpha.1 < 0.53.3
Cosmos SDK: x/group can halt when erroring in EndBlocker	High	Mar 12, 2025	>= 0.50.0-alpha.0 < 0.50.13 < 0.47.17
Cosmos SDK: Groups module can halt chain when handling a malicious proposal	High	Feb 20, 2025	< 0.47.16-ics-lsm >= 0.50.0-alpha.0 < 0.50.12
ASA-2024-006: ValidateVoteExtensions helper function in Cosmos SDK may allow incorrect voting power assumptions	High	Mar 12, 2024	>= 0.50.0 < 0.50.5
ASA-2024-005: Potential slashing evasion during re-delegation	Low	Feb 27, 2024	>= 0.50.0 < 0.50.5 < 0.47.10
ASA-2024-002: Default `PrepareProposalHandler` may produce invalid proposals when used with default `SenderNonceMempool`	Medium	Feb 21, 2024	>= 0.50.0 < 0.50.4 < 0.47.9
ASA-2024-003: Missing `BlockedAddressed` Validation in Vesting Module	Medium	Feb 21, 2024	>= 0.50.0 < 0.50.4 < 0.47.9
Cosmos-SDK Cosmovisor component may be vulnerable to denial of service	Medium	Sep 6, 2023	< 0.46
Barberry Security Advisory - regarding x/auth periodic vesting accounts	Medium	Jul 7, 2023	>= 0.46.0 < 0.46.13 >= 0.47.0 < 0.47.3
github.com/cosmos/cosmos-sdk's x/crisis does not charge ConstantFee	Low	Jun 30, 2023	<= 0.50.0-alpha.1