-
Notifications
You must be signed in to change notification settings - Fork 3.6k
Security: cosmos/cosmos-sdk
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
ASA-2024-010: cosmossdk.io/math: Mismatched bit-length validation in sdk.Int and sdk.Dec can lead to panicGHSA-7225-m954-23v7 published
Nov 20, 2024 by julienrbrtHigh -
ASA-2024-006: ValidateVoteExtensions helper function may allow incorrect voting power assumptionsGHSA-95rx-m9m5-m94v published
Mar 12, 2024 by mizmo18High -
ASA-2024-002: Default `PrepareProposalHandler` may produce invalid proposals when used with default `SenderNonceMempool`GHSA-2557-x9mg-76w8 published
Feb 20, 2024 by mizmo18Moderate -
ASA-2024-003: Missing `BlockedAddressed` Validation in Vesting ModuleGHSA-4j93-fm92-rp4m published
Feb 20, 2024 by mizmo18Moderate -
ASA-2024-005: Potential slashing evasion during re-delegationGHSA-86h5-xcpx-cfqc published
Feb 27, 2024 by mizmo18Low -
ASA-2023-001: CosmovisorGHSA-23px-mw2p-46qm published
Sep 6, 2023 by jessysaurusrexModerate -
Barberry Security Advisory - regarding x/auth periodic vesting accountsGHSA-j2cr-jc39-wpx5 published
Jul 7, 2023 by greg-szaboModerate -
x/crisis does not charge ConstantFeeGHSA-w5w5-2882-47pc published
Jun 30, 2023 by greg-szaboLow -
x/crisis does NOT cause chain haltGHSA-qfc5-6r3j-jj22 published
May 30, 2023 by greg-szaboLow -
Authz Module Non-DeterminismGHSA-2p6r-37p9-89p2 published
Oct 20, 2021 by aaroncHigh