Lucene search
+L

6 matches found

vulnersOsv
vulnersOsv
added 2024/02/29 8:9 p.m.6 views

4337-snap (>=0.1.0 <=0.1.1), @0xflair/contracts-registry (>=0.107.10 <=0.123.2) +432 more potentially affected by CVE-2024-27094 via @openzeppelin/contracts-upgradeable (>=4.5.0 <=4.9.5)

@openzeppelin/contracts-upgradeable NPM version =4.5.0, =0.1.0, =0.107.10, =1.9.0, =0.107.0, =0.107.0, =0.107.0, =0.69.0, =0.107.0, =0.97.1, =0.107.0, =0.107.0, =0.107.0, =4.0.0, =2.0.0, =0.2.1-alpha, =0.2.1-beta2 and more Source cves: CVE-2024-27094 Source advisory: OSV:GHSA-9VX6-7XXF-X967...

7.4CVSS6.5AI score0.00763EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/02/29 8:9 p.m.7 views

@etherisc/gif-next (>=0.0.2-0a7d082-551 <=0.0.2-ff8087d-237), @ethsign/sign-protocol-evm (>=1.0.0 <=1.1.3) +9 more potentially affected by CVE-2024-27094 via @openzeppelin/contracts-upgradeable (>=5.0.0 <=5.0.1)

@openzeppelin/contracts-upgradeable NPM version =5.0.0, =0.0.2-0a7d082-551, =1.0.0, =2.5.5, =1.0.0, =1.0.0-beta-rc1, =0.0.1, =1.0.1, =0.1.0, =0.1.0-alpha.10 Source cves: CVE-2024-27094 Source advisory: OSV:GHSA-9VX6-7XXF-X967...

7.4CVSS6.5AI score0.00763EPSS
Exploits0
Code423n4
Code423n4
added 2023/01/17 12:0 a.m.8 views

Upgradable liberty

Lines of code Vulnerability details Impact Instead of using @openzeppelin/contracts, use the upgradable liberty for contracts that should be able to be upgraded. This is the library that should be used :@openzeppelin/contracts-upgradeable Proof of Concept For more info have a look at this resourc...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/01/17 12:0 a.m.11 views

Upgradeable

Lines of code Vulnerability details Impact Since the contract OndoPriceOracle.sol is a critical contract it should have room to be upgrade, either use the library @openzeppelin/contracts-upgradeable or leave a storage gap. An example of this would be to add this line: uint25650 private gap; Proof...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2022/03/24 12:0 a.m.15 views

[WP-H0] Wrong implementation of EIP712MetaTransaction

Lines of code Vulnerability details 1. EIP712MetaTransaction is a utils contract that intended to be inherited by concrete actual contracts, therefore. it's initializer function should not use the initializer modifier, instead, it should use onlyInitializing modifier. See the implementation of...

6.9AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/09/15 8:22 p.m.7 views

@biconomy/hyphen-contracts (=1.0.4), @devprotocol/protocol-l2 (>=0.0.1 <=0.0.2) +8 more potentially affected by unknown CVE via @openzeppelin/contracts-upgradeable (>=4.2.0 <=4.3.1)

@openzeppelin/contracts-upgradeable NPM version =4.2.0, =0.0.1, =1.1.2, =1.0.1, =1.1.2, =1.0.0, =0.8.1-pr-brioux-1333.92b26c3a.36, =1.0.5, =2.3.0, =2.3.2 Source cves: unknown CVE Source advisory: OSV:GHSA-Q4H9-46XG-M3X9...

5.8AI score
Exploits0
Rows per page
Query Builder