VYPR

PyPI package

openzeppelin-cairo-contracts

pkg:pypi/openzeppelin-cairo-contracts

Vulnerabilities (2)

  • CVE-2023-23940Feb 3, 2023
    affected >= 0.2.0, < 0.6.1fixed 0.6.1

    OpenZeppelin Contracts for Cairo is a library for secure smart contract development written in Cairo for StarkNet, a decentralized ZK Rollup. `is_valid_eth_signature` is missing a call to `finalize_keccak` after calling `verify_eth_signature`. As a result, any contract using `is_

  • CVE-2022-31153Jul 15, 2022
    affected < 0.2.1fixed 0.2.1

    OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum