Skip to main content

Naga

2 CVEs product

Monthly

CVE-2024-36761 CRITICAL POC Act Now

naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Wgpu Naga
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2018-13492 HIGH This Week

The mintToken function of a smart contract implementation for naga, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Naga
NVD GitHub
CVSS 3.0
7.5
EPSS
1.3%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Wgpu +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

The mintToken function of a smart contract implementation for naga, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Naga
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy