Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

@openzeppelin/contracts

npm

Secure Smart Contract library for Solidity

View on github.com · View on npmjs.org

Moderate Security Advisories for @openzeppelin/contracts in npm Clear Filters

Moderate
3 months ago

OpenZeppelin Contracts Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers GSA_kwCzR0hTQS05cmN3LWMyZjktMmo1Nc4ABKP_

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
almost 2 years ago

OpenZeppelin Contracts and Contracts Upgradeable duplicated execution of subcalls in v4.9.4 GSA_kwCzR0hTQS02OTlnLXE2cWgtcTR2OM4AA3q7

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
about 2 years ago

OpenZeppelin Contracts vulnerable to Improper Escaping of Output GSA_kwCzR0hTQS1nNHZwLW02ODItcXFtcM4AA1Qt

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
over 2 years ago

OpenZeppelin Contracts using MerkleProof multiproofs may allow proving arbitrary leaves for specific trees GSA_kwCzR0hTQS13cHJ2LTkzcjQtamoycM4AAz8m

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
over 2 years ago

OpenZeppelin Contracts's governor proposal creation may be blocked by frontrunning GSA_kwCzR0hTQS01aDN4LTl3dnEtdzRtMs4AAzvg

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
over 2 years ago

OpenZeppelin Contracts TransparentUpgradeableProxy clashing selector calls may not be delegated GSA_kwCzR0hTQS1teDJxLTM1bTIteDJyaM4AAy0V

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
over 2 years ago

OpenZeppelin Contracts contains Incorrect Calculation GSA_kwCzR0hTQS04NzhtLTNnNnEtNTk0cc4AAx7E

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
about 3 years ago

OpenZeppelin Contracts's Cross chain utilities for Arbitrum L2 see EOA calls as cross chain calls GSA_kwCzR0hTQS05ajNtLWczODMtMjlxcs4AAuAp

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
about 3 years ago

OpenZeppelin Contracts ERC165Checker unbounded gas consumption GSA_kwCzR0hTQS03Z3JmLTgzdnctNmY1eM4AAuAo

npm openzeppelin-eth, @openzeppelin/contracts-upgradeable, openzeppelin-solidity, @openzeppelin/contracts
Moderate
over 3 years ago

GovernorCompatibilityBravo incorrect ABI encoding may lead to unexpected behavior GSA_kwCzR0hTQS1tNnc4LWZxN3YtcGg0bc0h8A

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
almost 4 years ago

OpenZeppelin Contracts initializer reentrancy may lead to double initialization GSA_kwCzR0hTQS05YzIyLXB3eHctcDZoeM0bQg

npm @openzeppelin/contracts-upgradeable, @openzeppelin/contracts

Filter by Severity

Moderate 11 High 6 Low 2 Critical 1