CVE-2024-58264

Summary

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data.

Affected Software

VendorProductVersion RangeStatus
CosmWasmserde-json-wasm0 < 0.5.2affected
CosmWasmserde-json-wasm1.0.0 < 1.0.1affected

Weaknesses

  • CWE-674: CWE-674 Uncontrolled Recursion

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References