search

sherlock-audit / 2023-03-taurus-judging

4 stars 0 forks source link

mgf15 - Using vulnerable dependency of OpenZeppelin #198

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

mgf15

medium

Using vulnerable dependency of OpenZeppelin

Summary

Using vulnerable dependency of OpenZeppelin .

Vulnerability Detail

The package.json configuration file says that the project is using 4.6.0 of OZ which has a not last update version.

Impact

Code Snippet

https://github.com/sherlock-audit/2023-03-taurus/blob/main/taurus-contracts/package.json#L35

Tool used

Manual Review

Recommendation

update OZ