GHSA-5v93-9mqw-p9mh: Uncaught Panic in ORML Rewards Pallet
A vulnerability in the add_share function of the Rewards pallet (part of the ORML repository) can lead to an uncaught Rust panic when handling user-provided input exceeding the u128 range.
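The failure class described above, as a simplified Rust model added here; it is not the pallet's code. `Pool`, `ShareError`, the proportional top-up formula and both function bodies are assumptions; only the name add_share and the u128 range come from the advisory.

```rust
use std::panic;

// Hypothetical stand-in for a rewards pool; not the ORML pallet's storage.
#[derive(Clone, Debug, PartialEq)]
pub struct Pool { pub total_shares: u128, pub total_rewards: u128 }

#[derive(Debug, PartialEq)]
pub enum ShareError { Overflow }

// Assumed proportional top-up: add_amount * total_rewards / total_shares.
// Panicking shape: results are forced with expect(), so caller-supplied
// input that pushes a result past u128::MAX aborts the call.
pub fn add_share_panicking(pool: &mut Pool, add_amount: u128) {
    let inflation = match pool.total_shares {
        0 => 0,
        s => add_amount.checked_mul(pool.total_rewards).expect("exceeds u128") / s,
    };
    pool.total_rewards = pool.total_rewards.checked_add(inflation).expect("exceeds u128");
    pool.total_shares = pool.total_shares.checked_add(add_amount).expect("exceeds u128");
}

// Hardened shape: every step is fallible and the pool is written only after
// all results are known to fit, so a rejected call leaves state unchanged.
pub fn add_share_checked(pool: &mut Pool, add_amount: u128) -> Result<(), ShareError> {
    let inflation = match pool.total_shares {
        0 => 0,
        s => add_amount.checked_mul(pool.total_rewards).ok_or(ShareError::Overflow)? / s,
    };
    let rewards = pool.total_rewards.checked_add(inflation).ok_or(ShareError::Overflow)?;
    let shares = pool.total_shares.checked_add(add_amount).ok_or(ShareError::Overflow)?;
    pool.total_rewards = rewards;
    pool.total_shares = shares;
    Ok(())
}

// Reports whether the panicking variant panics for this input.
pub fn panics_on(pool: &Pool, add_amount: u128) -> bool {
    let mut copy = pool.clone();
    panic::catch_unwind(move || add_share_panicking(&mut copy, add_amount)).is_err()
}

fn main() {
    // Constructed values: a pool with existing shares and rewards.
    let mut pool = Pool { total_shares: 1_000, total_rewards: 500 };
    assert_eq!(add_share_checked(&mut pool, 100), Ok(()));
    println!("after normal call: {:?}", pool);
    println!("panicking variant panics on u128::MAX: {}", panics_on(&pool, u128::MAX));
    println!("checked variant on u128::MAX: {:?}", add_share_checked(&mut pool, u128::MAX));
}
```

The checked variant computes every new value before writing any of them, so an oversized amount is rejected with an error and the pool keeps its previous totals.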
References
- github.com/advisories/GHSA-5v93-9mqw-p9mh
- github.com/open-web3-stack/open-runtime-module-library
- github.com/open-web3-stack/open-runtime-module-library/commit/6720fcd92f44e5f204741b04fdef3b67b0fcf6bc
- github.com/open-web3-stack/open-runtime-module-library/pull/1016
- github.com/open-web3-stack/open-runtime-module-library/security/advisories/GHSA-5v93-9mqw-p9mh