Skip to content

CWA-2025-001: Malicious smart contract can crash the chain

Moderate
chipshort published GHSA-23qp-3c2m-xx6w Feb 4, 2025

Package

gomod github.com/CosmWasm/wasmvm (Go)

Affected versions

< 1.5.8

Patched versions

1.5.8
gomod github.com/CosmWasm/wasmvm/v2 (Go)
>= 2.0.0, < 2.0.6
>= 2.1.0, < 2.1.5
>= 2.2.0, < 2.2.2
2.0.6
2.1.5
2.2.2

Description

See CWA-2025-001 for more details on how to patch this.

Severity

Moderate

CVE ID

No known CVE

Weaknesses

No CWEs