Lucene search
K

5 matches found

osv
osv
added 2026/02/19 7:35 p.m.5 views

CVE-2026-26267 rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide

soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the contractimpl macro contains a bug in how it wires up function calls. contractimpl generates code that uses MyContract::value style calls even when it's processing the trait version. This means if a...

7.5CVSS5.7AI score0.00317EPSS
Exploits1References7
cve
cve
added 2026/02/19 7:35 p.m.13 views

CVE-2026-26267

The CVE-2026-26267 issue affects soroban-sdk-macros prior to versions 22.0.10, 23.5.2, and 25.1.1. The macro’s trait-implementation wiring can cause the generated call to resolve to an inherent function (MyContract::value) instead of the trait function when an identically named inherent function ...

7.5CVSS5.7AI score0.00317EPSS
Exploits1References5Affected Software1
osv
osv
added 2026/02/17 9:29 p.m.8 views

GHSA-4CHV-4C6W-W254 The rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide

Impact The contractimpl macro contains a bug in how it wires up function calls. In Rust, you can define functions on a type in two ways: - Directly on the type as an inherent function: rust impl MyContract fn value ... - Through a trait rust impl Trait for MyContract fn value ... These are two...

7.5CVSS5.7AI score0.00317EPSS
Exploits1References7
github
github
added 2026/02/17 9:29 p.m.11 views

The rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide

Impact The contractimpl macro contains a bug in how it wires up function calls. In Rust, you can define functions on a type in two ways: - Directly on the type as an inherent function: rust impl MyContract fn value ... - Through a trait rust impl Trait for MyContract fn value ... These are two...

7.5CVSS5.6AI score0.00317EPSS
Exploits1References7Affected Software1
ptsecurity
ptsecurity
added 2026/02/17 12:0 a.m.10 views

PT-2026-20342

Name of the Vulnerable Software and Affected Versions soroban-sdk-macros versions prior to 22.0.10 soroban-sdk-macros versions prior to 23.5.2 soroban-sdk-macros versions prior to 25.1.1 Description The contractimpl macro in soroban-sdk-macros has a flaw in how it manages function calls. When...

7.5CVSS5.6AI score0.00317EPSS
Exploits1References8
Rows per page
Query Builder