CVE-2023-23940

OpenZeppelin Contracts for Cairo is a library for secure smart contract development written in Cairo for StarkNet, a decentralized ZK Rollup. isvalidethsignature is missing a call to finalizekeccak after calling verifyethsignature. As a result, any contract using isvalidethsignature from the...

OpenZeppelin Contracts for Cairo 安全漏洞

OpenZeppelin Contracts for Cairo is a secure smart contract development library open-sourced by OpenZeppelin. A security vulnerability exists in OpenZeppelin Contracts for Cairo versions prior to 0.15.1, which stems from an unauthorized ownership transfer mechanism that could result in an...

PYSEC-2023-39

OpenZeppelin Contracts for Cairo is a library for secure smart contract development written in Cairo for StarkNet, a decentralized ZK Rollup. isvalidethsignature is missing a call to finalizekeccak after calling verifyethsignature. As a result, any contract using isvalidethsignature from the...

PYSEC-2022-43143

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts vanilla and ethereum flavors in the...