PT-2022-23060 · OpenZeppelin · OpenZeppelin Contracts

Frangio · Published 2022-08-14 · Updated 2026-03-26 · CVE-2022-35961

CVSS v3.1: 7.9 (High)

Vector: AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions

OpenZeppelin Contracts versions prior to 4.7.3

Description

The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to signature malleability because they accept EIP-2098 compact signatures in addition to the traditional 65-byte signature format. This issue affects contracts that implement signature reuse or replay protection by marking the signature itself as used, rather than the signed message or a nonce included in it. A user may submit a previously used signature in a different form, bypassing this protection.

Recommendations

For versions prior to 4.7.3, update to version 4.7.3 to resolve the issue. As a temporary workaround, consider modifying the contracts to implement signature reuse or replay protection by marking the signed message or a nonce included in it as used, rather than the signature itself. Restrict access to the ECDSA.recover and ECDSA.tryRecover functions to minimize the risk of exploitation.
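
The replay-protection pattern the description warns about, next to the one the workaround recommends, as an added example that is not code from OpenZeppelin or from this advisory. The contract, its functions, the voucher fields and the payout placeholder are hypothetical, and the OpenZeppelin Contracts 4.x import path and ECDSA.toEthSignedMessageHash helper are assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

// Hypothetical voucher contract, written for illustration only.
contract VoucherRedeemer {
    address public immutable signer;

    // Weak pattern: remembers the signature bytes themselves.
    mapping(bytes32 => bool) private usedSignatures;
    // Recommended pattern: remembers the signed message, which carries a nonce.
    mapping(bytes32 => bool) private usedDigests;

    event Redeemed(address indexed to, uint256 amount, uint256 nonce);

    constructor(address signer_) {
        signer = signer_;
    }

    // The signed message binds chain, contract, recipient, amount and nonce.
    function _digest(address to, uint256 amount, uint256 nonce) private view returns (bytes32) {
        bytes32 h = keccak256(abi.encode(block.chainid, address(this), to, amount, nonce));
        return ECDSA.toEthSignedMessageHash(h);
    }

    // WEAK: the "used" key depends on how the signature is encoded. On versions
    // prior to 4.7.3, recover() accepts two encodings of one signature, so the
    // same voucher can pass this check under two different keys.
    function redeemWeak(address to, uint256 amount, uint256 nonce, bytes calldata sig) external {
        bytes32 sigId = keccak256(sig);
        require(!usedSignatures[sigId], "signature already used");
        require(ECDSA.recover(_digest(to, amount, nonce), sig) == signer, "bad signer");
        usedSignatures[sigId] = true;
        emit Redeemed(to, amount, nonce); // placeholder for the real payout
    }

    // RECOMMENDED: the "used" key is the signed message, so every encoding of a
    // valid signature over the same voucher maps to the same entry.
    function redeem(address to, uint256 amount, uint256 nonce, bytes calldata sig) external {
        bytes32 digest = _digest(to, amount, nonce);
        require(!usedDigests[digest], "voucher already redeemed");
        require(ECDSA.recover(digest, sig) == signer, "bad signer");
        usedDigests[digest] = true;
        emit Redeemed(to, amount, nonce); // placeholder for the real payout
    }
}
```

When auditing a codebase for exposure, look for mappings or sets keyed by the signature bytes or by a hash of them, as in redeemWeak above.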

Weakness Enumeration

Improper Verification of Cryptographic Signature

Related Identifiers

CVE-2022-35961
GHSA-4H98-2769-GH6H
GHSA-Q67F-28XG-22RW

Affected Products

OpenZeppelin Contracts