GHSA-rm83-pxjx-pr5j

Source

https://github.com/advisories/GHSA-rm83-pxjx-pr5j

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-rm83-pxjx-pr5j/GHSA-rm83-pxjx-pr5j.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-rm83-pxjx-pr5j

Withdrawn

2025-07-28T15:52:01Z

Published

2025-07-27T21:32:11Z

Modified

2025-07-28T15:52:01Z

Severity

3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

Duplicate Advisory: CosmWasm affected by arithmetic overflows

Details

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-8724-5xmm-w5xq. This link is maintained to preserve external references.

Original Description

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations.

Database specific

{
    "nvd_published_at": "2025-07-27T20:15:25Z",
    "cwe_ids": [
        "CWE-190"
    ],
    "severity": "LOW",
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-28T15:52:01Z"
}

References

Affected packages

crates.io / cosmwasm-std

Package

Name: cosmwasm-std; View open source insights on deps.dev
Purl: pkg:cargo/cosmwasm-std

Affected ranges

Type: SEMVER
Events: Introduced

1.3.0

Fixed

1.4.4

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-rm83-pxjx-pr5j/GHSA-rm83-pxjx-pr5j.json"

crates.io / cosmwasm-std

Package

Name: cosmwasm-std; View open source insights on deps.dev
Purl: pkg:cargo/cosmwasm-std

Affected ranges

Type: SEMVER
Events: Introduced

1.5.0

Fixed

1.5.4

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-rm83-pxjx-pr5j/GHSA-rm83-pxjx-pr5j.json"