Return to All Submissions
previous next
Submission Details

#22 Vulnerable version of OpenZeppelin contracts is used

Severity

Medium Risk

Relevant GitHub Links

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/package.json#L6

Summary

The project is using OpenZeppelin contracts 4.8.0 which is vulnerable version.

Vulnerability Details

See the list of vulnerable versions and more explanations about the vulnerabilities here: https://security.snyk.io/package/npm/%40openzeppelin%2Fcontracts

Impact

The protocol is vulnerable to OpenZeppelin vulnerabilities.

Tools Used

Manual Review

Recommendations

Consider using the latest version of OpenZeppelin contracts.

Comments and Activity

Lead Judging Started
hrishibhat Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Too generic
Assigned finding tags:

informational/invalid