seeu
low
Compiler version Pragma is non-specific
For non-library contracts, floating pragmas may be a security risk for application implementations
A known vulnerable compiler version may accidentally be selected or security tools might fallback to an older compiler version ending up checking a different EVM compilation that is ultimately deployed on the blockchain.
- op-geth/contracts/checkpointoracle/contract/oracle.sol#L1 =>
pragma solidity ^0.6.0; - op-geth/tests/solidity/contracts/Migrations.sol#L1 =>
pragma solidity >=0.4.21 <0.6.0; - op-geth/tests/solidity/contracts/OpCodes.sol#L1 =>
pragma solidity >=0.4.21 <0.6.0; - optimism/packages/contracts-bedrock/contracts/L2/CrossDomainOwnable.sol#L2 =>
pragma solidity ^0.8.0; - optimism/packages/contracts-bedrock/contracts/L2/CrossDomainOwnable2.sol#L2 =>
pragma solidity ^0.8.0;
Manual Review
Choose a specific pragma solidity version. Example
pragma solidity ^0.8.0; /* => */ pragma solidity 0.8.0;