CVE-2022-48216

Incorrect Authorization in npm/@uniswap/universal-router

Identifiers

GHSA-7m37-cx35-qgmr, CVE-2022-48216

Package Slug

npm/@uniswap/universal-router

Vulnerability

Incorrect Authorization

Description

Uniswap Universal Router before 1.1.0 mishandles reentrancy. This would have allowed theft of funds.

Affected Versions

All versions before 1.1.0

Solution

Upgrade to version 1.1.0 or above.

Last Modified

2023-01-12

source