Closed sherlock-admin closed 1 year ago
mgf15
medium
Using vulnerable dependency of OpenZeppelin .
The package.json configuration file says that the project is using 4.6.0 of OZ which has a not last update version.
https://github.com/sherlock-audit/2023-03-taurus/blob/main/taurus-contracts/package.json#L35
Manual Review
update OZ
mgf15
medium
Using vulnerable dependency of OpenZeppelin
Summary
Using vulnerable dependency of OpenZeppelin .
Vulnerability Detail
The package.json configuration file says that the project is using 4.6.0 of OZ which has a not last update version.
Impact
Code Snippet
https://github.com/sherlock-audit/2023-03-taurus/blob/main/taurus-contracts/package.json#L35
Tool used
Manual Review
Recommendation
update OZ