@openzeppelin/contracts is vulnerable to authentication bypass. The vulnerability exists because the abi.decode
is getting unexpectedly reverted in the isValidSignatureNow
function of SignatureChecker.sol
and _supportsERC165Interfacedue
function of ERC165Checker.sol
due to the incorrect assumption about abi.decode
, allowing a malicious user to pass an invalid signature to the system and become authenticated.
github.com/advisories/GHSA-4g63-c64m-25w9
github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/commit/5e9bccb282ee8f3c9c4abaccc74b40b9d34ccffa
github.com/OpenZeppelin/openzeppelin-contracts/commit/212de08e7f47b9836acca681ce0c9c6f91fe78aa
github.com/OpenZeppelin/openzeppelin-contracts/pull/3552
github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-4g63-c64m-25w9