Stack Consumption Vulnerability in Rust's Serde-Json-Wasm Library
CVE-2024-58264

7.5HIGH

Key Information:

Vendor: Cosmwasm
Status: Serde-json-wasm
Vendor: CVE Published:; 27 July 2025

What is CVE-2024-58264?

A vulnerability exists in the Serde-Json-Wasm crate prior to version 1.0.1 that permits stack consumption through deeply nested JSON data. This issue could potentially lead to denial-of-service conditions if exploited by an attacker, especially in applications that handle large or complex JSON structures without adequate safeguards.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

serde-json-wasm 0 < 0.5.2

serde-json-wasm 1.0.0 < 1.0.1

References

https://rustsec.org/advisories/RUSTSEC-2024-0012.html

https://github.com/advisories/GHSA-rr69-rxr6-8qwf

https://crates.io/crates/serde-json-wasm

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 27, 2025
Vulnerability Reserved
Jul 27, 2025

JSON

Cosmwasm

What is CVE-2024-58264?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.