Vulnerability in Matter-labs Era-compiler-solidity
CVE-2024-34704
era-compiler-solidity is the ZKsync compiler for Solidity. The problem occurred during instruction selection in the `DAGCombine` phase while visiting the XOR operation. The issue arises when attempting to fold the expression `!(x cc y)` i…
EPSS: 0.003 (54.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N.
Affected products
- Matter-labs Era-compiler-solidity — versions >= 1.2.0, <= 1.4.0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2024-34704?
- CVE-2024-34704 is a medium-severity vulnerability in Matter-labs Era-compiler-solidity, classified under Incorrect Calculation. CVSS score: 5.9/10. Published 2024-05-13.
- How severe is CVE-2024-34704?
- Medium severity. CVSS v3 base score is 5.9 out of 10.