3 matches found
CVE-2022-39384
OpenZeppelin Contracts is a library for secure smart contract development. Before version 4.4.1 but after 3.2.0, initializer functions that are invoked separate from contract creation the most prominent example being minimal proxies may be reentered if they make an untrusted non-view external cal...
CVE-2022-39384
OpenZeppelin Contracts (3.2.0–4.4.1) contain an initializer reentrancy issue caused by an exception used to support multiple inheritance, allowing reentry when an untrusted non-view external call is made during initialization. The impact is described as minor since upgradeable proxies are usually...
0x-hunter-core (>=1.0.0-33 <=1.0.0-38), 1155-to-20 (>=1.0.0 <=1.0.2) +2718 more potentially affected by CVE-2021-46320 +1 more via @openzeppelin/contracts (>=3.2.0 <=4.4.0)
@openzeppelin/contracts NPM version =3.2.0, =1.0.0-33, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.9.1, =3.24.7, =1.7.2, =3.10.3, =0.0.2, =1.4.1, =1.0.0, =1.12.0 - @0xkkkkkkkkkkkkkkk/dodo =2.0.1 and more Source cves: CVE-2021-46320, CVE-2022-39384 Source advisory: OSV:GHSA-9C22-PWXW-P6HX...