Last updated: March 11, 2025
SCWE-061: Outdated Compiler Version
Stable Version v0.0.1
This content is in the version-(v0.0.1) and still under active development, so it is subject to change any time (e.g. structure, IDs, content, URLs, etc.).
Send Feedback
Relationships
Description
Using an outdated compiler version can expose a smart contract to vulnerabilities that have already been patched in newer versions. Compiler versions often include security fixes, optimizations, and new features that are crucial for the safety and performance of contracts.
To mitigate this vulnerability, always use the most up-to-date stable version of the Solidity compiler. Ensure that your development environment is regularly updated to incorporate the latest security patches, optimizations, and features provided by newer versions of the compiler.
Vulnerable Contract Example
pragma solidity 0.4.24; // Outdated compiler version
contract Vulnerable {
uint public value;
function setValue(uint _value) public {
value = _value;
}
}
Fixed Contract Example
pragma solidity 0.8.4; // Updated compiler version for better security and performance
contract Fixed {
uint public value;
function setValue(uint _value) public {
value = _value;
}
}