Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openzeppelin contracts vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40014
OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using `ERC2771Context` along with a custom trusted forwarder may see `_msgSender` return `address(0)` in calls that originate from the forwar...
Openzeppelin Openzeppelin Contracts-upgradable
Openzeppelin Openzeppelin Contracts
1 Github repository
NA
CVE-2022-35915
OpenZeppelin Contracts is a library for secure smart contract development. The target contract of an EIP-165 `supportsInterface` query can cause unbounded gas consumption by returning a lot of data, while it is generally assumed that this operation has a bounded cost. The issue h...
Openzeppelin Openzeppelin-solidity
Openzeppelin Contracts
Openzeppelin Openzeppelin-eth
Openzeppelin Contracts Upgradeable
NA
CVE-2023-26488
OpenZeppelin Contracts is a library for secure smart contract development. The ERC721Consecutive contract designed for minting NFTs in batches does not update balances when a batch has size 1 and consists of a single token. Subsequent transfers from the receiver of that token may...
Openzeppelin Contracts Upgradeable
Openzeppelin Contracts
1 Github repository
NA
CVE-2022-35916
OpenZeppelin Contracts is a library for secure smart contract development. Contracts using the cross chain utilities for Arbitrum L2, `CrossChainEnabledArbitrumL2` or `LibArbitrumL2`, will classify direct interactions of externally owned accounts (EOAs) as cross chain calls, even...
Openzeppelin Contracts
Openzeppelin Contracts Upgradeable
NA
CVE-2023-34234
OpenZeppelin Contracts is a library for smart contract development. By frontrunning the creation of a proposal, an attacker can become the proposer and gain the ability to cancel it. The attacker can do this repeatedly to try to prevent a proposal from being proposed at all. Thi...
Openzeppelin Contracts Upgradeable
Openzeppelin Contracts
NA
CVE-2023-30541
OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incom...
Openzeppelin Contracts Upgradeable
Openzeppelin Contracts
1 Github repository
NA
CVE-2023-30542
OpenZeppelin Contracts is a library for secure smart contract development. The proposal creation entrypoint (`propose`) in `GovernorCompatibilityBravo` allows the creation of proposals with a `signatures` array shorter than the `calldatas` array. This causes the additional elemen...
Openzeppelin Contracts Upgradeable
Openzeppelin Contracts
1 Github repository
NA
CVE-2023-34459
OpenZeppelin Contracts is a library for smart contract development. Starting in version 4.7.0 and prior to version 4.9.2, when the `verifyMultiProof`, `verifyMultiProofCalldata`, `procesprocessMultiProof`, or `processMultiProofCalldat` functions are in use, it is possible to cons...
Openzeppelin Contracts Upgradeable
Openzeppelin Contracts
1 Github repository
NA
CVE-2022-31198
OpenZeppelin Contracts is a library for secure smart contract development. This issue concerns instances of Governor that use the module `GovernorVotesQuorumFraction`, a mechanism that determines quorum requirements as a percentage of the voting token's total supply. In affe...
Openzeppelin Contracts
Openzeppelin Contracts Upgradeable
1 Github repository
NA
CVE-2022-39384
OpenZeppelin Contracts is a library for secure smart contract development. Before version 4.4.1 but after 3.2.0, initializer functions that are invoked separate from contract creation (the most prominent example being minimal proxies) may be reentered if they make an untrusted no...
Openzeppelin Contracts
Openzeppelin Contracts Upgradeable
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »