3 matches found
CVE-2023-34449
ink! is an embedded domain specific language to write smart contracts in Rust for blockchains built on the Substrate framework. Starting in version 4.0.0 and prior to version 4.2.1, the return value when using delegate call mechanics, either through CallBuilder::delegate or...
CVE-2023-34449 ink! vulnerable to incorrect decoding of storage value when using `DelegateCall`
ink! is an embedded domain specific language to write smart contracts in Rust for blockchains built on the Substrate framework. Starting in version 4.0.0 and prior to version 4.2.1, the return value when using delegate call mechanics, either through CallBuilder::delegate or...
CVE-2023-34449
The CVE-2023-34449 issue affects ink! (Rust-based eDSL for Substrate). Affected versions are 4.0.0 up to, but not including, 4.2.1; the bug arises from incorrect decoding of the return value when using delegate call mechanics via CallBuilder::delegate or ink_env::invoke_contract_delegate. The roo...