6 matches found
EUVD-2026-4710
soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math with Negatives...
CVE-2026-24783
The CVE-2026-24783 issue in soroban-fixed-point-math causes incorrect rounding in mulDiv when both the intermediate product and the divisor are negative, affecting signed FixedPoint implementations (i64, i128, I256) in versions 1.3.0 and 1.4.0. A patch exists in v1.3.1 and v1.4.1; every version &...
CVE-2026-24783
soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts. In versions 1.3.0 and 1.4.0, the mulDivx, y, z function incorrectly handled cases where both the intermediate product $x y$ and the divisor $z$ were negative. The logic assumed that if the intermediate product was...
CVE-2026-24783 soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math with Negatives
soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts. In versions 1.3.0 and 1.4.0, the mulDivx, y, z function incorrectly handled cases where both the intermediate product $x y$ and the divisor $z$ were negative. The logic assumed that if the intermediate product was...
soroban-fixed-point-math security vulnerability
Soroban-Fixed-Point-Math is a mathematical computing code library open source by Script3. Versions 1.3.0 and 1.4.0 of Soroban-Fixed-Point-Math have security vulnerabilities. These vulnerabilities stem from improper handling of negative intermediate products and negative divisors in the mulDiv...
PT-2026-5030
Name of the Vulnerable Software and Affected Versions soroban-fixed-point-math versions 1.3.0 through 1.4.0 Description The mulDivx, y, z function in soroban-fixed-point-math incorrectly handles cases where both the intermediate product x y and the divisor z are negative. The logic incorrectly...