From 7f085ceb0e74759ba88c7f3fb2faa86f0dd54a00 Mon Sep 17 00:00:00 2001 From: Simon Warta Date: Tue, 10 Dec 2024 17:08:57 +0100 Subject: [PATCH] Add title and alias to CWA-2024-008 --- CWAs/CWA-2024-008.md | 2 +- CWAs/README.md | 23 ++++++++++++----------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/CWAs/CWA-2024-008.md b/CWAs/CWA-2024-008.md index 9e5a386..982cceb 100644 --- a/CWAs/CWA-2024-008.md +++ b/CWAs/CWA-2024-008.md @@ -1,4 +1,4 @@ -# CWA-2024-008 +# CWA-2024-008: Panic in wasmvm can slow down block production **Severity** diff --git a/CWAs/README.md b/CWAs/README.md index ed75ca3..64a4e3c 100644 --- a/CWAs/README.md +++ b/CWAs/README.md @@ -2,17 +2,17 @@ ## 2024 -| Severity[^1] | Scope[^2] | ID | Aliases | -| ------------ | --------- | ----------------------------------------------------------------------- | ------------------------------------------ | -| Low | VM | [CWA-2024-009][CWA-2024-009] | -| Medium | VM | [CWA-2024-008][CWA-2024-008] | | -| Medium | VM | [CWA-2024-007: Incorrect metering][CWA-2024-007] | [GHSA-2q97-m5rc-p3gp] | -| Medium | x/wasm | [CWA-2024-006: Non-deterministic module_query_safe query][CWA-2024-006] | [GHSA-fpgj-cr28-fvpx] | -| High | x/wasm | [CWA-2024-005: Stackoverflow in wasmd][CWA-2024-005] | [GHSA-g8w7-7vgg-x7xg] | -| Medium | VM | [CWA-2024-004: Gas mispricing in cosmwasm-vm][CWA-2024-004] | [RUSTSEC-2024-0361], [GHSA-rg2q-2jh9-447q] | -| Low | x/wasm | [CWA-2024-003: Large address count in ValidateBasic][CWA-2024-003] | [GHSA-m3rh-cvr5-x6q4] | -| Medium | Contracts | [CWA-2024-002: Arithmetic overflows in cosmwasm-std][CWA-2024-002] | [RUSTSEC-2024-0338], [GHSA-8724-5xmm-w5xq] | -| Low | Contracts | [CWA-2024-001: Stack overflow in serde-json-wasm][CWA-2024-001] | [RUSTSEC-2024-0012], [GHSA-rr69-rxr6-8qwf] | +| Severity[^1] | Scope[^2] | ID | Aliases | +| ------------ | --------- | ---------------------------------------------------------------------------- | ------------------------------------------ | +| Low | VM | [CWA-2024-009][CWA-2024-009] | +| Medium | VM | [CWA-2024-008: Panic in wasmvm can slow down block production][CWA-2024-008] | [GHSA-vmqh-5232-v43r] | +| Medium | VM | [CWA-2024-007: Incorrect metering][CWA-2024-007] | [GHSA-2q97-m5rc-p3gp] | +| Medium | x/wasm | [CWA-2024-006: Non-deterministic module_query_safe query][CWA-2024-006] | [GHSA-fpgj-cr28-fvpx] | +| High | x/wasm | [CWA-2024-005: Stackoverflow in wasmd][CWA-2024-005] | [GHSA-g8w7-7vgg-x7xg] | +| Medium | VM | [CWA-2024-004: Gas mispricing in cosmwasm-vm][CWA-2024-004] | [RUSTSEC-2024-0361], [GHSA-rg2q-2jh9-447q] | +| Low | x/wasm | [CWA-2024-003: Large address count in ValidateBasic][CWA-2024-003] | [GHSA-m3rh-cvr5-x6q4] | +| Medium | Contracts | [CWA-2024-002: Arithmetic overflows in cosmwasm-std][CWA-2024-002] | [RUSTSEC-2024-0338], [GHSA-8724-5xmm-w5xq] | +| Low | Contracts | [CWA-2024-001: Stack overflow in serde-json-wasm][CWA-2024-001] | [RUSTSEC-2024-0012], [GHSA-rr69-rxr6-8qwf] | [CWA-2024-009]: ./CWA-2024-009.md [CWA-2024-008]: ./CWA-2024-008.md @@ -33,6 +33,7 @@ [GHSA-g8w7-7vgg-x7xg]: https://github.com/advisories/GHSA-g8w7-7vgg-x7xg [GHSA-fpgj-cr28-fvpx]: https://github.com/advisories/GHSA-fpgj-cr28-fvpx [GHSA-2q97-m5rc-p3gp]: https://github.com/CosmWasm/wasmvm/security/advisories/GHSA-2q97-m5rc-p3gp +[GHSA-vmqh-5232-v43r]: https://github.com/CosmWasm/wasmvm/security/advisories/GHSA-vmqh-5232-v43r ## 2023