GHSA-7225-m954-23v7: ASA-2024-010: cosmossdk.io/math: Mismatched bit-length validation in sdk.Int and sdk.Dec can lead to panic
(updated )
Name: ASA-2024-010: Mismatched bit-length in sdk.Int and sdk.Dec can lead to panic
Component: Cosmos SDK / Math
Criticality: High (Considerable Impact, and Possible Likelihood per ACMv1.2)
Affected versions: cosmossdk.io/math package versions <= math/v1.3.0
Affected users: Chain Builders + Maintainers, Validators
References
Code Behaviors & Features
Detect and mitigate GHSA-7225-m954-23v7 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →