Vulnerability Database

309,364

Total vulnerabilities in the database

CosmWasm wasmd has large address count in ValidateBasic

Component: wasmd Criticality: Low (ACMv1: I:Moderate; L:Unlikely) Patched versions: wasmd 0.52.0

In multiple wasmd message types it was possible to add a large number of addresses which might lead to unexpected resource consumption in ValidateBasic.

See CWA-2024-003 for more details.

Published: Aug 8, 2024
Updated: Aug 9, 2024
GHSA: GHSA-m3rh-cvr5-x6q4
Severity: Low
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
github.com/CosmWasm/wasmd	-	0.52

https://github.com/CosmWasm/advisories/blob/main/CWAs/CWA-2024-003.md
https://github.com/CosmWasm/wasmd/commit/76c0c061c9cb6b142163883e46c26d99384dc443
https://github.com/CosmWasm/wasmd/security/advisories/GHSA-m3rh-cvr5-x6q4

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo