4 matches found
0x-hunter-core (>=1.0.0-33 <=1.0.0-38), @0xabcdefg/router-sdk (=1.0.0) +2194 more potentially affected by CVE-2021-39167 via @openzeppelin/contracts (>=3.3.0 <=3.4.2-solc-0.7)
@openzeppelin/contracts NPM version =3.3.0, =1.0.0-33, =1.0.0, =1.0.0, =1.9.1, =3.24.7, =1.7.2, =3.10.3, =0.0.2, =1.4.1, =1.0.0, =0.2.0, =1.0.0 - @0xlol/sdk =0.0.267 and more Source cves: CVE-2021-39167 Source advisory: OSV:GHSA-FG47-3C2X-M2WR...
@avalabs/avalanche-wallet-sdk (>=0.3.0 <=0.9.4), @b0dhidharma/contract-utils (=0.1.1) +48 more potentially affected by CVE-2021-39167 via @openzeppelin/contracts (>=4.0.0 <=4.3.0)
@openzeppelin/contracts NPM version =4.0.0, =0.3.0, =0.0.2, =1.0.0, =1.1.0, =2.0.0, =0.1.1, =0.0.1, =3.0.0-alpha.2, =3.0.0-alpha.1, =3.0.0-alpha.1, =3.0.0-alpha.1, =0.0.0-863d96e4, =0.0.23-canary and more Source cves: CVE-2021-39167 Source advisory: OSV:GHSA-FG47-3C2X-M2WR...
CVE-2021-39167
creationtimestamp| type| source ---|---|--- 2021-08-27 07:28:51+00:00| seen| https://t.me/cibsecurity/27939...
CVE-2021-39167
OpenZeppelin Contracts TimelockController vulnerability (CVE-2021-39167) affects the TimelockController in OpenZeppelin’s smart contract library. The issue allows an actor with the executor role to escalate privileges, potentially gaining control over assets. Mitigation in public advisories recom...