The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 07 Aug 2025 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Cosmwasm cosmwasm-std
CPEs cpe:2.3:a:cosmwasm:cosmwasm-std:*:*:*:*:*:rust:*:*
Vendors & Products Cosmwasm cosmwasm-std

Wed, 30 Jul 2025 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Cosmwasm
Cosmwasm cosmwasm
Vendors & Products Cosmwasm
Cosmwasm cosmwasm

Mon, 28 Jul 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 27 Jul 2025 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-190
Metrics cvssV3_1

{'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N'}


Sun, 27 Jul 2025 20:15:00 +0000

Type Values Removed Values Added
Description The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-07-28T18:55:15.988Z

Reserved: 2025-07-27T00:00:00.000Z

Link: CVE-2024-58263

cve-icon Vulnrichment

Updated: 2025-07-28T15:25:29.530Z

cve-icon NVD

Status : Analyzed

Published: 2025-07-27T20:15:25.230

Modified: 2025-08-07T15:01:17.017

Link: CVE-2024-58263

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-30T15:04:14Z