{"id":26127,"date":"2023-12-05T08:41:09","date_gmt":"2023-12-05T08:41:09","guid":{"rendered":"https:\/\/nftandcrypto-news.com\/crypto\/web3-firm-detects-major-security-flaw-in-common-smart-contracts\/"},"modified":"2023-12-05T08:41:12","modified_gmt":"2023-12-05T08:41:12","slug":"web3-firm-detects-major-security-flaw-in-common-smart-contracts","status":"publish","type":"post","link":"https:\/\/nftandcrypto-news.com\/crypto\/web3-firm-detects-major-security-flaw-in-common-smart-contracts\/","title":{"rendered":"Web3 firm detects major security flaw in common smart contracts"},"content":{"rendered":"
<\/p>\n
Smart contract development firm Thirdweb reported a security vulnerability that potentially \u201cimpacts a variety of smart contracts across the Web3 ecosystem.\u201d<\/p>\n
On Dec. 4, Thirdweb reported a vulnerability in a commonly used open-source library that could impact specific pre-built smart contracts, including some of its own.\u00a0However, Thirdweb\u2019s investigations concluded that the smart contract vulnerability has not yet been exploited, allowing a small window of opportunity for Web3 firms to avoid a possible hack.<\/p>\n
Highlighting the vulnerability\u2019s potential to cause massive damage if not rectified immediately, Thirdweb stated<\/a>:<\/p>\n \u201cThe impacted pre-built contracts include but are not limited to DropERC20, ERC721, ERC1155 (all versions), and AirdropERC20.\u201d<\/p><\/blockquote>\n Following the proactive warning to Web3 ecosystem,\u00a0the firm cautioned users who deployed its contracts before Nov. 22 to \u201ctake mitigation steps\u201d independently or by using a company-provided tool.<\/p>\n IMPORTANT <\/p>\n On November 20th, 2023 6pm PST, we became aware of a security vulnerability in a commonly used open-source library in the web3 industry.<\/p>\n This impacts a variety of smart contracts across the web3 ecosystem, including some of thirdweb\u2019s pre-built smart contracts.\u2026<\/p>\n\n