CVE-2024-30253
- Source
- https://cve.org/CVERecord?id=CVE-2024-30253
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-30253.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-30253
- Aliases
- Published
- 2024-04-17T15:07:27.546Z
- Modified
- 2025-11-30T18:53:40.595190Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Handling untrusted input can result in a crash, leading to loss of availability / denial of service
- Details
-
@solana/web3.js is the Solana JavaScript SDK. Using particular inputs with
@solana/web3.jswill result in memory exhaustion (OOM). If you have a server, client, mobile, or desktop product that accepts untrusted input for use with@solana/web3.js, your application/service may crash, resulting in a loss of availability. This vulnerability is fixed in 1.0.1, 1.10.2, 1.11.1, 1.12.1, 1.1.2, 1.13.1, 1.14.1, 1.15.1, 1.16.2, 1.17.1, 1.18.1, 1.19.1, 1.20.3, 1.21.1, 1.22.1, 1.23.1, 1.24.3, 1.25.1, 1.26.1, 1.27.1, 1.28.1, 1.2.8, 1.29.4, 1.30.3, 1.31.1, 1.3.1, 1.32.3, 1.33.1, 1.34.1, 1.35.2, 1.36.1, 1.37.3, 1.38.1, 1.39.2, 1.40.2, 1.41.11, 1.4.1, 1.42.1, 1.43.7, 1.44.4, 1.45.1, 1.46.1, 1.47.5, 1.48.1, 1.49.1, 1.50.2, 1.51.1, 1.5.1, 1.52.1, 1.53.1, 1.54.2, 1.55.1, 1.56.3, 1.57.1, 1.58.1, 1.59.2, 1.60.1, 1.61.2, 1.6.1, 1.62.2, 1.63.2, 1.64.1, 1.65.1, 1.66.6, 1.67.3, 1.68.2, 1.69.1, 1.70.4, 1.71.1, 1.72.1, 1.7.2, 1.73.5, 1.74.1, 1.75.1, 1.76.1, 1.77.4, 1.78.8, 1.79.1, 1.80.1, 1.81.1, 1.8.1, 1.82.1, 1.83.1, 1.84.1, 1.85.1, 1.86.1, 1.87.7, 1.88.1, 1.89.2, 1.90.2, 1.9.2, and 1.91.3. - Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/30xxx/CVE-2024-30253.json", "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-119" ] }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/30xxx/CVE-2024-30253.json
- https://github.com/solana-labs/solana-web3.js/commit/77d935221a4805107b20b60ae7c1148725e4e2d0
- https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-8m45-2rjm-j347
- https://nvd.nist.gov/vuln/detail/CVE-2024-30253
Affected packages
Git / github.com/solana-foundation/solana-web3.js
Affected ranges
- Type
- GIT
- Repo
- https://github.com/solana-foundation/solana-web3.js
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
preview
tp
tp2
v0.*
v0.61.1
v0.61.2
v0.61.3
v0.61.4
v0.62.0
v0.63.0
v0.63.1
v0.63.2
v0.64.0
v0.64.1
v0.64.2
v0.64.3
v0.65.0
v0.66.0
v0.66.1
v0.66.2
v0.66.3
v0.66.4
v0.67.0
v0.68.0
v0.69.0
v0.70.0
v0.70.1
v0.70.2
v0.70.3
v0.71.0
v0.71.1
v0.71.10
v0.71.11
v0.71.12
v0.71.13
v0.71.14
v0.71.2
v0.71.3
v0.71.4
v0.71.5
v0.71.6
v0.71.7
v0.71.8
v0.71.9
v0.72.0
v0.73.0
v0.74.0
v0.75.0
v0.75.1
v0.75.2
v0.76.0
v0.77.0
v0.78.0
v0.78.1
v0.78.2
v0.78.3
v0.78.4
v0.79.0
v0.79.1
v0.80.0
v0.80.1
v0.80.2
v0.81.0
v0.82.0
v0.83.0
v0.83.1
v0.84.0
v0.84.1
v0.85.0
v0.86.0
v0.86.1
v0.86.2
v0.86.3
v0.86.4
v0.87.0
v0.87.1
v0.87.2
v0.88.0
v0.89.0
v0.89.1
v0.90.0
v0.90.1
v0.90.2
v0.90.3
v0.90.4
v0.90.5
v0.91.0
v0.91.1
v0.91.2
v0.91.3
v0.92.0
v0.92.1
v0.92.2
v0.92.3
v0.93.0
v0.94.0
v0.94.1
v0.94.2
v0.95.0
v0.96.0
v0.97.0
v0.98.0
v1.*
v1.0.0
v1.1.0
v1.1.1
v1.10.0
v1.10.1
v1.11.0
v1.12.0
v1.13.0
v1.14.0
v1.15.0
v1.16.0
v1.16.1
v1.17.0
v1.18.0
v1.19.0
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.2.5
v1.2.6
v1.2.7
v1.20.0
v1.20.1
v1.20.2
v1.21.0
v1.22.0
v1.23.0
v1.24.0
v1.24.1
v1.24.2
v1.25.0
v1.26.0
v1.27.0
v1.28.0
v1.29.0
v1.29.1
v1.29.2
v1.29.3
v1.3.0
v1.30.0
v1.30.1
v1.30.2
v1.31.0
v1.32.0
v1.32.1
v1.32.2
v1.33.0
v1.34.0
v1.35.0
v1.35.1
v1.36.0
v1.37.0
v1.37.1
v1.37.2
v1.38.0
v1.39.0
v1.39.1
v1.4.0
v1.40.0
v1.40.1
v1.41.0
v1.41.1
v1.41.10
v1.41.2
v1.41.3
v1.41.4
v1.41.5
v1.41.6
v1.41.7
v1.41.8
v1.41.9
v1.42.0
v1.43.0
v1.43.1
v1.43.2
v1.43.3
v1.43.4
v1.43.5
v1.43.6
v1.44.0
v1.44.1
v1.44.2
v1.44.3
v1.45.0
v1.46.0
v1.47.0
v1.47.1
v1.47.2
v1.47.3
v1.47.4
v1.48.0
v1.49.0
v1.5.0
v1.50.0
v1.50.1
v1.51.0
v1.52.0
v1.53.0
v1.54.0
v1.54.1
v1.55.0
v1.56.0
v1.56.1
v1.56.2
v1.57.0
v1.58.0
v1.59.0
v1.59.1
v1.6.0
v1.60.0
v1.61.0
v1.61.1
v1.62.0
v1.62.1
v1.63.0
v1.63.1
v1.64.0
v1.65.0
v1.66.0
v1.66.1
v1.66.2
v1.66.3
v1.66.4
v1.66.5
v1.67.0
v1.67.1
v1.67.2
v1.68.0
v1.68.1
v1.69.0
v1.7.0
v1.7.1
v1.70.0
v1.70.1
v1.70.2
v1.70.3
v1.71.0
v1.72.0
v1.73.0
v1.73.1
v1.73.2
v1.73.3
v1.73.4
v1.74.0
v1.75.0
v1.76.0
v1.77.0
v1.77.1
v1.77.2
v1.77.3
v1.78.0
v1.78.1
v1.78.2
v1.78.3
v1.78.4
v1.78.5
v1.78.6
v1.78.7
v1.79.0
v1.8.0
v1.80.0
v1.81.0
v1.82.0
v1.83.0
v1.84.0
v1.85.0
v1.86.0
v1.87.0
v1.87.1
v1.87.2
v1.87.3
v1.87.4
v1.87.5
v1.87.6
v1.88.0
v1.89.0
v1.89.1
v1.9.0
v1.9.1
v1.90.0
v1.90.1
v1.91.0
v1.91.1
v1.91.2
Git / github.com/solana-labs/solana-web3.js
Affected ranges
- Type
- GIT
- Repo
- https://github.com/solana-labs/solana-web3.js
- Events
- Database specific
{ "versions": [ { "introduced": "1.91.0" }, { "fixed": "1.91.3" } ] }
- Type
- GIT
- Repo
- https://github.com/solana-labs/solana-web3.js
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "= 1.88.0" }, { "last_affected": "= 1.86.0" }, { "last_affected": "= 1.85.0" }, { "last_affected": "= 1.84.0" }, { "last_affected": "= 1.83.0" }, { "last_affected": "= 1.82.0" }, { "last_affected": "= 1.81.0" }, { "last_affected": "= 1.80.0" }, { "last_affected": "= 1.79.0" }, { "last_affected": "= 1.76.0" }, { "last_affected": "= 1.75.0" }, { "last_affected": "= 1.74.0" }, { "last_affected": "= 1.72.0" }, { "last_affected": "= 1.71.0" }, { "last_affected": "= 1.69.0" }, { "last_affected": "= 1.65.0" }, { "last_affected": "= 1.64.0" }, { "last_affected": "= 1.60.0" }, { "last_affected": "= 1.58.0" }, { "last_affected": "= 1.57.0" }, { "last_affected": "= 1.55.0" }, { "last_affected": "= 1.53.0" }, { "last_affected": "= 1.52.0" }, { "last_affected": "= 1.51.0" }, { "last_affected": "= 1.49.0" }, { "last_affected": "= 1.48.0" }, { "last_affected": "= 1.46.0" }, { "last_affected": "= 1.45.0" }, { "last_affected": "= 1.42.0" }, { "last_affected": "= 1.38.0" }, { "last_affected": "= 1.36.0" }, { "last_affected": "= 1.34.0" }, { "last_affected": "= 1.33.0" }, { "last_affected": "= 1.31.0" }, { "last_affected": "= 1.28.0" }, { "last_affected": "= 1.27.0" }, { "last_affected": "= 1.26.0" }, { "last_affected": "= 1.25.0" }, { "last_affected": "= 1.23.0" }, { "last_affected": "= 1.22.0" }, { "last_affected": "= 1.21.0" }, { "last_affected": "= 1.19.0" }, { "last_affected": "= 1.18.0" }, { "last_affected": "= 1.17.0" }, { "last_affected": "= 1.15.0" }, { "last_affected": "= 1.14.0" }, { "last_affected": "= 1.13.0" }, { "last_affected": "= 1.12.0" }, { "last_affected": "= 1.11.0" }, { "last_affected": "= 1.8.0" }, { "last_affected": "= 1.6.0" }, { "last_affected": "= 1.5.0" }, { "last_affected": "= 1.4.0" }, { "last_affected": "= 1.3.0" } ] }
Affected versions
Other
preview
tp
tp2
v0.*
v0.61.1
v0.61.2
v0.61.3
v0.61.4
v0.62.0
v0.63.0
v0.63.1
v0.63.2
v0.64.0
v0.64.1
v0.64.2
v0.64.3
v0.65.0
v0.66.0
v0.66.1
v0.66.2
v0.66.3
v0.66.4
v0.67.0
v0.68.0
v0.69.0
v0.70.0
v0.70.1
v0.70.2
v0.70.3
v0.71.0
v0.71.1
v0.71.10
v0.71.11
v0.71.12
v0.71.13
v0.71.14
v0.71.2
v0.71.3
v0.71.4
v0.71.5
v0.71.6
v0.71.7
v0.71.8
v0.71.9
v0.72.0
v0.73.0
v0.74.0
v0.75.0
v0.75.1
v0.75.2
v0.76.0
v0.77.0
v0.78.0
v0.78.1
v0.78.2
v0.78.3
v0.78.4
v0.79.0
v0.79.1
v0.80.0
v0.80.1
v0.80.2
v0.81.0
v0.82.0
v0.83.0
v0.83.1
v0.84.0
v0.84.1
v0.85.0
v0.86.0
v0.86.1
v0.86.2
v0.86.3
v0.86.4
v0.87.0
v0.87.1
v0.87.2
v0.88.0
v0.89.0
v0.89.1
v0.90.0
v0.90.1
v0.90.2
v0.90.3
v0.90.4
v0.90.5
v0.91.0
v0.91.1
v0.91.2
v0.91.3
v0.92.0
v0.92.1
v0.92.2
v0.92.3
v0.93.0
v0.94.0
v0.94.1
v0.94.2
v0.95.0
v0.96.0
v0.97.0
v0.98.0
v1.*
v1.0.0
v1.1.0
v1.1.1
v1.10.0
v1.10.1
v1.11.0
v1.12.0
v1.13.0
v1.14.0
v1.15.0
v1.16.0
v1.16.1
v1.17.0
v1.18.0
v1.19.0
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.2.5
v1.2.6
v1.2.7
v1.20.0
v1.20.1
v1.20.2
v1.21.0
v1.22.0
v1.23.0
v1.24.0
v1.24.1
v1.24.2
v1.25.0
v1.26.0
v1.27.0
v1.28.0
v1.29.0
v1.29.1
v1.29.2
v1.29.3
v1.3.0
v1.30.0
v1.30.1
v1.30.2
v1.31.0
v1.32.0
v1.32.1
v1.32.2
v1.33.0
v1.34.0
v1.35.0
v1.35.1
v1.36.0
v1.37.0
v1.37.1
v1.37.2
v1.38.0
v1.39.0
v1.39.1
v1.4.0
v1.40.0
v1.40.1
v1.41.0
v1.41.1
v1.41.10
v1.41.2
v1.41.3
v1.41.4
v1.41.5
v1.41.6
v1.41.7
v1.41.8
v1.41.9
v1.42.0
v1.43.0
v1.43.1
v1.43.2
v1.43.3
v1.43.4
v1.43.5
v1.43.6
v1.44.0
v1.44.1
v1.44.2
v1.44.3
v1.45.0
v1.46.0
v1.47.0
v1.47.1
v1.47.2
v1.47.3
v1.47.4
v1.48.0
v1.49.0
v1.5.0
v1.50.0
v1.50.1
v1.51.0
v1.52.0
v1.53.0
v1.54.0
v1.54.1
v1.55.0
v1.56.0
v1.56.1
v1.56.2
v1.57.0
v1.58.0
v1.59.0
v1.59.1
v1.6.0
v1.60.0
v1.61.0
v1.61.1
v1.62.0
v1.62.1
v1.63.0
v1.63.1
v1.64.0
v1.65.0
v1.66.0
v1.66.1
v1.66.2
v1.66.3
v1.66.4
v1.66.5
v1.67.0
v1.67.1
v1.67.2
v1.68.0
v1.68.1
v1.69.0
v1.7.0
v1.7.1
v1.70.0
v1.70.1
v1.70.2
v1.70.3
v1.71.0
v1.72.0
v1.73.0
v1.73.1
v1.73.2
v1.73.3
v1.73.4
v1.74.0
v1.75.0
v1.76.0
v1.77.0
v1.77.1
v1.77.2
v1.77.3
v1.78.0
v1.78.1
v1.78.2
v1.78.3
v1.78.4
v1.78.5
v1.78.6
v1.78.7
v1.79.0
v1.8.0
v1.80.0
v1.81.0
v1.82.0
v1.83.0
v1.84.0
v1.85.0
v1.86.0
v1.87.0
v1.87.1
v1.87.2
v1.87.3
v1.87.4
v1.87.5
v1.87.6
v1.88.0
v1.9.0
v1.9.1
v1.91.0
v1.91.1
v1.91.2