First published: Wed Apr 24 2024(Updated: )
Some mathematical operations in `cosmwasm-std` use wrapping math instead of panicking on overflow for very big numbers. This can lead to wrong calculations in contracts that use these operations. Affected functions: - `Uint{256,512}::pow` / `Int{256,512}::pow` - `Int{256,512}::neg` Affected if `overflow-checks = true` is not set: - `Uint{64,128}::pow` / `Int{64,128}::pow` - `Int{64,128}::neg`
Affected Software | Affected Version | How to fix |
---|---|---|
rust/cosmwasm-std | >=2.0.0<2.0.2 | 2.0.2 |
rust/cosmwasm-std | >=1.5.0<1.5.4 | 1.5.4 |
rust/cosmwasm-std | >=1.3.0<1.4.4 | 1.4.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.