hats-finance / Velvet-Capital-0x0bb0c08fd9eeaf190064f4c66f11d18182961f77

Core smart contracts of Velvet Capital

Floating Pragma can be potential security risk #92

Open hats-bug-reporter[bot] opened 3 weeks ago

hats-bug-reporter[bot] commented 3 weeks ago

Github username: @burhankhaja
Twitter username: imaybeghost
Submission hash (on-chain): 0xb676d6c212e9d4738e196da1102d0743a6d1310fcde01ddee8b6e721d8d8b995
Severity: low

Description: The majority of the Solidity files in the codebase are defined with the concrete 0.8.17 version, except for:

While this often makes sense for libraries, to allow them to be included with multiple different versions of an application, it may be a security risk for the actual application implementation itself. A known vulnerable compiler version may accidentally be selected, or security tools might fall back to an older compiler version, ending up actually checking a different EVM compilation that is ultimately deployed on the blockchain.

Recommendation: In ChecksAndValidations.sol, pin the concrete 0.8.17 version.

- pragma solidity ^0.8.0;
+ pragma solidity 0.8.17;
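
Review bot: The "+" line pins 0.8.17 in ChecksAndValidations.sol only, so the fix holds just as long as the compiler version in the project's build configuration is also set to exactly 0.8.17; please confirm that setting alongside this change. Since the report says the other files already use 0.8.17, it is also worth adding a CI check that rejects any "pragma solidity" line containing "^", ">" or "<", so a floating pragma cannot be reintroduced in a later file.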

Attack Scenario: potential security risk

Attachments

  1. Proof of Concept (PoC) File

  2. Revised Code File (Optional)
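
A check for the floating pragmas described in this report, as an added example that is not part of the original submission or the Velvet Capital code base: it parses each `pragma solidity` directive and flags anything other than an exact pin to the expected version. The function names and sample sources are constructed for illustration; 0.8.17 is the version the report recommends.

```python
import re

# Matches a `pragma solidity <constraint>;` directive at the start of a line.
PRAGMA_RE = re.compile(r"^\s*pragma\s+solidity\s+([^;]+);", re.MULTILINE)
# An exact pin is a bare x.y.z version, optionally prefixed with '='.
EXACT_RE = re.compile(r"^=?\s*(\d+\.\d+\.\d+)$")
# Strips /* block */ and // line comments so commented-out pragmas are ignored.
# (Simplification: comment markers inside string literals are not special-cased.)
COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*", re.DOTALL)


def check_pragma(source, expected="0.8.17"):
    """Return a list of findings for one Solidity source string."""
    code = COMMENT_RE.sub("", source)
    constraints = [c.strip() for c in PRAGMA_RE.findall(code)]
    if not constraints:
        return ["missing pragma solidity directive"]
    findings = []
    for c in constraints:
        m = EXACT_RE.match(c)
        if m is None:
            # ^, ~, >=, <, ranges and wildcards all let the compiler version float.
            findings.append(f"floating pragma: {c}")
        elif m.group(1) != expected:
            findings.append(f"pinned to {m.group(1)}, expected {expected}")
    return findings


def audit(files, expected="0.8.17"):
    """Map file name -> findings, keeping only files that have findings."""
    report = {name: check_pragma(src, expected) for name, src in files.items()}
    return {name: found for name, found in report.items() if found}


# Constructed sample sources (not the project's real files).
SAMPLES = {
    "Pinned.sol": "// SPDX-License-Identifier: MIT\npragma solidity 0.8.17;\ncontract A {}\n",
    "Caret.sol": "pragma solidity ^0.8.0;\nlibrary B {}\n",
    "Range.sol": "pragma solidity >=0.8.0 <0.9.0;\ncontract C {}\n",
    "Commented.sol": "// pragma solidity ^0.8.0;\npragma solidity =0.8.17;\ncontract D {}\n",
    "OtherPin.sol": "pragma solidity 0.8.20;\ncontract E {}\n",
}

if __name__ == "__main__":
    for name, found in audit(SAMPLES).items():
        for finding in found:
            print(f"{name}: {finding}")
```

In CI, the same `check_pragma` function can be applied to the contents of every `.sol` file in the contracts directory, failing the build when `audit` returns a non-empty result.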

langnavina97 commented 2 weeks ago

Thank you for submitting the issue. We've resolved it and pushed the changes, which can be found here: https://github.com/Velvet-Capital/velvet-core/commit/25ef3e7a2bdf56f57901dba2f84ebf5ed5df7835

@burhankhaja