Cairo Contracts Security Vulnerabilities and Issues — Cairo Contracts CVE List

Lucene search

OpenzeppelinCairo Contracts

3 matches found

CVE•added 2022/07/15 6:15 p.m.•76 views

CVE-2022-31153

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0...

6.5CVSS6.4AI score0.00495EPSS

CVE•added 2023/02/03 8:15 p.m.•61 views

CVE-2023-23940

OpenZeppelin Contracts for Cairo is a library for secure smart contract development written in Cairo for StarkNet, a decentralized ZK Rollup. is_valid_eth_signature is missing a call to finalize_keccak after calling verify_eth_signature. As a result, any contract using is_valid_eth_signature from t...

6.4CVSS5.4AI score0.00007EPSS

CVE•added 2024/08/31 12:15 a.m.•41 views

CVE-2024-45304

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. It introduces a security risk where an unintended...

6.5CVSS5.7AI score0.00019EPSS