GHSA-m3rh-cvr5-x6q4: CosmWasm wasmd has large address count in ValidateBasic
(updated )
Component: wasmd Criticality: Low (ACMv1: I:Moderate; L:Unlikely) Patched versions: wasmd 0.52.0
In multiple wasmd message types it was possible to add a large number of addresses which might lead to unexpected resource consumption in ValidateBasic.
See CWA-2024-003 for more details.
References
Detect and mitigate GHSA-m3rh-cvr5-x6q4 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →