cw20 2.0.0

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `cw20`

Dependencies

(5 total, 4 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
cosmwasm-schema	`^2.0.0`	`3.0.2`	out of date
cosmwasm-std ⚠️	`^2.0.0`	`3.0.2`	out of date
cw-utils	`^2.0.0`	`3.0.0`	out of date
schemars	`^0.8.15`	`1.0.4`	out of date
serde	`^1.0.188`	`1.0.228`	up to date

Dev dependencies

(1 total, 1 outdated)

Crate	Required	Latest	Status
cosmwasm-schema	`^2.0.0`	`3.0.2`	out of date

Security Vulnerabilities

`cosmwasm-std`: Arithmetic overflows in cosmwasm-std

RUSTSEC-2024-0338

Some mathematical operations in cosmwasm-std use wrapping math instead of panicking on overflow for very big numbers. This can lead to wrong calculations in contracts that use these operations.

Affected functions:

Uint{256,512}::pow / Int{256,512}::pow
Int{256,512}::neg

Affected if overflow-checks = true is not set:

Uint{64,128}::pow / Int{64,128}::pow
Int{64,128}::neg