The rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide

Impact The contractimpl macro contains a bug in how it wires up function calls. In Rust, you can define functions on a type in two ways: - Directly on the type as an inherent function: rust impl MyContract fn value ... - Through a trait rust impl Trait for MyContract fn value ... These are two...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : cipher-base vulnerability (USN-7746-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7746-1 advisory. Nikita Skovoroda discovered that cipher-base did not properly manage certain inputs. An attacker could possibly use th...

Function collision between extension functions and account functions

Lines of code Vulnerability details Impact Users or owner can't use extensions because of collision between extension functions and account functions Proof of Concept Whenever someone calls account it will check for functions inside it, if there isn't function it goes to fallback to check...

Denial Of Service (DoS)

ruby is vulnerable to denial of service. A denial of service flaw was found in the implementation of associative arrays hashes in Ruby. An attacker able to supply a large number of inputs to a Ruby application such as HTTP POST request parameters sent to a web application that are used as keys wh...

PYSEC-2017-143

The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision...