Published: 03/03/2023 Updated: 10/03/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

OpenZeppelin Contracts is a library for secure smart contract development. The ERC721Consecutive contract designed for minting NFTs in batches does not update balances when a batch has size 1 and consists of a single token. Subsequent transfers from the receiver of that token may overflow the balance as reported by `balanceOf`. The issue exclusively presents with batches of size 1. The issue has been patched in 4.8.2.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openzeppelin contracts upgradeable
openzeppelin contracts

Deploy a decentralised governance system to the Ethereum Sepolia testnet

🏁 ERC-20 Governance on Sepolia Utilise OpenZeppelin's Governance contract wizard to deploy a decentralised governance system which allows a user to create a proposal (which contains some proposed code to execute), then allow all users (who hold the 'MyToken' ERC20 token which is deployed at the same time) to cast votes on whether the proposal should be accepte

CWE-682 https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-878m-3g6q-594q https://github.com/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.8.2 https://github.com/OpenZeppelin/openzeppelin-contracts/commit/167bf67ed3907f4a674043496019fa346cee7705 https://nvd.nist.gov https://github.com/davidlpoole/eth-erc20-governance

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-26488

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect