CVE-2024-37154: Evmos allows unvested token delegations
(updated )
What kind of vulnerability is it? Who is impacted?
At the moment, users are able to delegate tokens that have not yet been vested. This affects employees and grantees who have funds managed via ClawbackVestingAccount
.
References
Detect and mitigate CVE-2024-37154 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →