rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
advisory-db/crates/cosmwasm-vm/RUSTSEC-2024-0366.md
djc 2e45336771 Synchronize IDs (2025-10-28)
2025-10-28 07:02:18 +01:00

850 B
Raw Permalink Blame History 

[advisory]
id = "RUSTSEC-2024-0366"
package = "cosmwasm-vm"
date = "2024-08-27"
url = "https://github.com/CosmWasm/advisories/blob/main/CWAs/CWA-2023-004.md"
categories = ["denial-of-service"]
keywords = ["resource-consumption", "crash", "deadlock"]
aliases = ["GHSA-75qh-gg76-p2w4"]

[versions]
patched = [">= 1.2.8, < 1.3.0", ">= 1.3.4, < 1.4.0", ">= 1.4.2, < 1.5.0", ">= 1.5.1"]

CWA-2023-004: Excessive number of function parameters in compiled Wasm

A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract. This can lead to high memory usage, slowdowns, potentially a crash and can poison a lock in the VM, preventing any further interaction with contracts.

For more information, see CWA-2023-004.