The source files have different solidity compiler ranges referenced. This leads to potential security flaws between deployed contracts depending on the compiler version chosen for any particular file. It also greatly increases the cost of maintenance as different compiler versions have different semantics and behavior.
Handle
maplesyrup
Vulnerability details
Impact
The source files have different solidity compiler ranges referenced. This leads to potential security flaws between deployed contracts depending on the compiler version chosen for any particular file. It also greatly increases the cost of maintenance as different compiler versions have different semantics and behavior.
Proof of Concept
This defect has numerous surfaces at https://github.com/code-423n4/2021-05-nftx/tree/main/nftx-protocol-v2/contracts/solidity
Different versions of Solidity are used in :
Tools Used
Slither
Recommended Mitigation Steps
Fix a definite compiler range that is consistent between contracts and upgrade any affected contracts to conform to the specified compiler.