Outdated OpenZeppelin Library

[hats-bug-reporter[bot]]

Github username: @catellaTech Twitter username: catellatech Submission hash (on-chain): 0x341f7e7f8c71b8caf0233bcc398a17056fcef00ce96fcc693f12556afb3461a7 Severity: low

Description:

Summary

You are currently using OpenZeppelin contracts library version 4.6.0 (released on 2022-04-26). This version is slightly outdated, and the latest version 5.0.2 (released on 2024-02-29) includes several optimizations and minor fixes.

Vulnerability Detail

The latest version of OpenZeppelin provides improvements in performance and resolves minor bugs. You can check the complete list of changes since version 4.6.0 in the following link: OpenZeppelin Changelog

Impact

• Potentially unoptimized methods
• Minor bugs that have been addressed in later versions

Code Snippet

This issue can be seen in the package.json file of the project: Link to code

Tool used

• Manual review

Recommendation

It is recommended to upgrade the OpenZeppelin library to the latest version, 5.0.2, to benefit from optimizations and bug fixes.

[Ghoulouis]

Using version 4.6 still maintains stability