6 matches found
@acatalan/erc223-20-contracts (=0.0.3), @adacash/liquidity-staker (=0.0.1) +272 more potentially affected by CVE-2022-35915 via openzeppelin-solidity (>=2.0.0 <=3.4.2)
openzeppelin-solidity NPM version =2.0.0, =1.1.1, =0.3.0, =0.5.1, =0.3.2, =0.3.1, =0.3.1, =0.0.3, =0.1.0, =0.1.0, =2.2.1, =0.1.0, =0.1.4 and more Source cves: CVE-2022-35915 Source advisory: OSV:GHSA-7GRF-83VW-6F5X...
@centrifuge/ethereum-contracts (>=0.2.7 <=1.0.3-canary.4), curve-bonded-tokens (>=0.1.4 <=0.1.8) potentially affected by CVE-2022-35915 via openzeppelin-eth (>=2.1.3 <=2.2.0)
openzeppelin-eth NPM version =2.1.3, =0.2.7, =0.1.4, =0.1.8 Source cves: CVE-2022-35915 Source advisory: OSV:GHSA-7GRF-83VW-6F5X...
@0xwen/core (>=0.0.1 <=0.0.3), @0xwen/core-v5 (>=0.0.1 <=0.0.3) +215 more potentially affected by CVE-2022-35915 via @openzeppelin/contracts-upgradeable (>=3.4.0 <=4.7.0)
@openzeppelin/contracts-upgradeable NPM version =3.4.0, =0.0.1, =0.0.1, =0.0.2, =0.0.1, =0.2.1-alpha, =0.9.1, =0.19.0-beta.0, =2.0.0, =3.0.0-alpha0, =2.0.0, =3.0.1-alpha, =0.1.0-alpha, =0.24.2, =1.0.0, =0.6.0, =0.26.0 and more Source cves: CVE-2022-35915 Source advisory: OSV:GHSA-7GRF-83VW-6F5X...
0x-hunter-core (>=1.0.0-33 <=1.0.0-38), 1155-to-20 (>=1.0.0 <=1.0.2) +3071 more potentially affected by CVE-2022-35915 via @openzeppelin/contracts (>=2.3.0 <=4.7.1)
@openzeppelin/contracts NPM version =2.3.0, =1.0.0-33, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.9.1, =3.24.7, =1.7.2, =3.10.3, =0.0.2, =1.4.1, =1.0.0, =1.12.0 - @0xkkkkkkkkkkkkkkk/dodo =2.0.1 and more Source cves: CVE-2022-35915 Source advisory: OSV:GHSA-7GRF-83VW-6F5X...
CVE-2022-35915 Unbounded gas consumption in @openzeppelin/contracts
OpenZeppelin Contracts is a library for secure smart contract development. The target contract of an EIP-165 supportsInterface query can cause unbounded gas consumption by returning a lot of data, while it is generally assumed that this operation has a bounded cost. The issue has been fixed in...
CVE-2022-35915 Unbounded gas consumption in @openzeppelin/contracts
OpenZeppelin Contracts is a library for secure smart contract development. The target contract of an EIP-165 supportsInterface query can cause unbounded gas consumption by returning a lot of data, while it is generally assumed that this operation has a bounded cost. The issue has been fixed in...