The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 06 Aug 2025 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Cosmwasm serde-json-wasm
Weaknesses CWE-787
CPEs cpe:2.3:a:cosmwasm:serde-json-wasm:*:*:*:*:*:rust:*:*
Vendors & Products Cosmwasm serde-json-wasm

Thu, 31 Jul 2025 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Cosmwasm
Cosmwasm serde Json Wasm
Vendors & Products Cosmwasm
Cosmwasm serde Json Wasm

Mon, 28 Jul 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 27 Jul 2025 21:15:00 +0000

Type Values Removed Values Added
Description The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data.
Weaknesses CWE-674
References
Metrics cvssV3_1

{'score': 3.2, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-07-28T15:06:17.073Z

Reserved: 2025-07-27T00:00:00.000Z

Link: CVE-2024-58264

cve-icon Vulnrichment

Updated: 2025-07-28T15:06:13.914Z

cve-icon NVD

Status : Analyzed

Published: 2025-07-27T21:15:26.453

Modified: 2025-08-06T17:02:21.823

Link: CVE-2024-58264

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-31T10:09:20Z