CNNVD-202507-3430 Information

CNNVD ID

CNNVD-202507-3430

Related CVE

CVE-2024-58264

• CNNVD Published: 2025-07-27

Description (Chinese)

serde-json-wasm crate是CosmWasm开源的一个Rust库。 serde-json-wasm crate 1.0.1之前版本存在安全漏洞，该漏洞源于深度嵌套JSON数据可能导致栈消耗。

Description (English)

serde-json-wasmcrate is a Rust bank open to CosmWasm. There is a safety gap in the pre-version version of serde-json-wasm crime 1.0, which is the result of deep-seated JSON data that could lead to ink consumption.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

CosmWasm

Published

2025-07-27

Last Modified

2026-02-24

References

https://rustsec.org/advisories/RUSTSEC-2024-0012.html https://crates.io/crates/serde-json-wasm https://github.com/advisories/GHSA-rr69-rxr6-8qwf https://access.redhat.com/security/cve/cve-2024-58264

Patch

https://github.com/CosmWasm/serde-json-wasm/tags