3 matches found
CVE-2025-53638
CVE-2025-53638 (Solady) affects the Solady library for Solidity snippets. From versions 0.0.125 up to 0.1.23, deploying an account via a proxy and calling its initialization with regular Solidity may silently fail if the initialization function does not return a bool or other data. The root cause...
The isContract function in LibAddress that uses EXTCODESIZE can be vulnerable to the "Contract Creation Code Execution" attack
Lines of code Vulnerability details Impact It will allow the attacker to potentially execute malicious code in the implementation contract at Proof of Concept contract Victim function isContractaddress account public view returnsbool uint32 csize; assembly size := extcodesizeaccount return csize ...
IsContract Function Usage
Handle defsec Vulnerability details Impact the isContract function that uses EXTCODESIZE was discovered to be hackable. The function will return false if it is invoked from a contract's constructor because the contract has not been deployed yet. The code should be used very carefully, if at all, ...