CVE-2024-58263

Summary

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations.

Affected Software

VendorProductVersion RangeStatus
CosmWasmcosmwasm-std1.3.0 < 1.4.4affected
CosmWasmcosmwasm-std1.5.0 < 1.5.4affected
CosmWasmcosmwasm-std2.0.0 < 2.0.2affected

Weaknesses

  • CWE-190: CWE-190 Integer Overflow or Wraparound

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References