CWA-2024-008: Panic in wasmvm can slow down block production

Moderate

chipshort published GHSA-vmqh-5232-v43r

Dec 10, 2024

Package

cosmwasm-vm (Rust)

Affected versions

>= 2.1.0, < 2.1.4

>= 2.0.0, < 2.0.7

< 1.5.8

Patched versions

2.1.4

2.0.7

1.5.8

github.com/CosmWasm/wasmvm (Go)

< 1.5.5

1.5.5

github.com/CosmWasm/wasmvm/v2 (Go)

>= 2.1.0, < 2.1.3

>= 2.0.0, < 2.0.4

2.1.3

2.0.4

Description

See CWA-2024-008 for more details on how to patch this.