Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-46320
HistoryFeb 04, 2022 - 11:35 a.m.

CVE-2021-46320

2022-02-0411:35:52
mitre
www.cve.org
4
openzeppelin
v4.4.0
initializer
reentrancy
minimal proxies
untrusted call

EPSS

0.001

Percentile

31.8%

JSON

In OpenZeppelin <=v4.4.0, initializer functions that are invoked separate from contract creation (the most prominent example being minimal proxies) may be reentered if they make an untrusted non-view external call. Once an initializer has finished running it can never be re-executed. However, an exception put in place to support multiple inheritance made reentrancy possible, breaking the expectation that there is a single execution.

Related

veracode 1
github 1
cve 1
nvd 1
prion 1
osv 4
veracode
veracode
Privilege Escalation
2022-02-07 09:51:29
github
github
Improper Initialization in OpenZeppelin
2022-02-05 00:00:31
cve
cve
CVE-2021-46320
2022-02-04 12:15:07
nvd
nvd
CVE-2021-46320
2022-02-04 12:15:07
prion
prion
Code injection
2022-02-04 12:15:00
osv
osv
Improper Initialization in OpenZeppelin
2022-02-05 00:00:31
OpenZeppelin Contracts initializer reentrancy may lead to double initialization
2021-12-14 21:47:33
CVE-2021-46320
2022-02-04 12:15:07

EPSS

0.001

Percentile

31.8%

JSON
Related for CVELIST:CVE-2021-46320
veracode1github1cve1nvd1prion1osv4