Name of the Vulnerable Software and Affected Versions SoftwareX versions prior to 0.15.1

Description The issue concerns the borsh serialization of the HashMap, which did not adhere to the borsh specification. This led to potential non-canonical encodings that depended on the insertion order, and it failed to perform canonicality checks during decoding. As a result, this could cause consensus splits and lead to equivalent objects being considered distinct.

Recommendations For versions prior to 0.15.1, update to version 0.15.1 to resolve the issue.