Access Control Bypass Affecting cairo-lang package, versions [,0.10.0)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PYTHON-CAIROLANG-3038523
- published 2 Oct 2022
- disclosed 2 Oct 2022
- credit Unknown
How to fix?
Upgrade cairo-lang
to version 0.10.0 or higher.
Overview
cairo-lang is a Compiler and runner for the Cairo language
Affected versions of this package are vulnerable to Access Control Bypass via 'uint256_unsigned_div_rem', which allows a malicious prover to return a wrong result.
References
CVSS Scores
version 3.1