Lucene search

CVE-2023-23940 OpenZeppelin Contracts for Cairo is vulnerable to signature validation bypass

🗓️ 03 Feb 2023 19:11:43Reported by GitHub_MType

OpenZeppelin Contracts for Cairo is vulnerable to signature validation bypas

Reporter	Title	Published	Views	Family All 8
NVD	CVE-2023-23940	3 Feb 202320:15	–	nvd
Veracode	Improper Verification Of Cryptographic Signature	15 Feb 202307:36	–	veracode
OSV	OpenZeppelin Contracts contains Improper Verification of Cryptographic Signature	2 Feb 202316:59	–	osv
OSV	CVE-2023-23940	3 Feb 202320:15	–	osv
Vulnrichment	CVE-2023-23940 OpenZeppelin Contracts for Cairo is vulnerable to signature validation bypass	3 Feb 202319:43	–	vulnrichment
Github Security Blog	OpenZeppelin Contracts contains Improper Verification of Cryptographic Signature	2 Feb 202316:59	–	github
Prion	Input validation	3 Feb 202320:15	–	prion
CVE	CVE-2023-23940	3 Feb 202320:15	–	cve

[
  {
    "vendor": "OpenZeppelin",
    "product": "cairo-contracts",
    "versions": [
      {
        "version": ">= 0.2.0, < 0.6.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/OpenZeppelin/cairo-contracts/security/advisories/GHSA-626q-v9j4-mcp4
github	www.github.com/OpenZeppelin/cairo-contracts/pull/542/commits/6d4cb750478fca2fd916f73297632f899aca9299

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

03 Feb 2023 19:43Current

6.6Medium risk

Vulners AI Score6.6

CVSS36.4

EPSS0.00063