GHSA-7225-m954-23v7: ASA-2024-010: cosmossdk.io/math: Mismatched bit-length validation in sdk.Int and sdk.Dec can lead to panic
(updated )
Name: ASA-2024-010: Mismatched bit-length in sdk.Int
and sdk.Dec
can lead to panic
Component: Cosmos SDK / Math
Criticality: High (Considerable Impact, and Possible Likelihood per ACMv1.2)
Affected versions: cosmossdk.io/math
package versions <= math/v1.3.0
Affected users: Chain Builders + Maintainers, Validators
References
Detect and mitigate GHSA-7225-m954-23v7 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →