Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.14 views

CVE-2023-49798

OpenZeppelin Contracts is a library for smart contract development. A merge issue when porting the 5.0.1 patch to the 4.9 branch caused a line duplication. In the version of Multicall.sol released in @openzeppelin/[email protected] and @openzeppelin/[email protected], all subcalls are...

7.5CVSS6.8AI score0.00543EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/12/12 12:49 a.m.4 views

@offchainlabs/l1-l3-teleport-contracts (>=0.1.0-alpha.1 <=1.0.1) potentially affected by CVE-2023-49798 via @openzeppelin/contracts (=4.9.4)

@openzeppelin/contracts NPM version =4.9.4 is affected by a known vulnerability. The following packages have a transitive dependency on @openzeppelin/contracts and may be impacted: - @offchainlabs/l1-l3-teleport-contracts =0.1.0-alpha.1, =1.0.1 Source cves: CVE-2023-49798 Source advisory:...

7.5CVSS7.1AI score0.00543EPSS
Exploits0
CVE
CVE
added 2023/12/08 11:35 p.m.66 views

CVE-2023-49798

OpenZeppelin Contracts’ CVE-2023-49798 relates to a merge-conflict error in the Multicall.sol implementation that caused all subcalls to be executed twice in versions @openzeppelin/[email protected] and @openzeppelin/[email protected]. This duplication could lead to unintended duplicate o...

7.5CVSS6.5AI score0.00543EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2023/12/08 11:35 p.m.20 views

CVE-2023-49798 Duplicated execution of subcalls in OpenZeppelin Contracts

OpenZeppelin Contracts is a library for smart contract development. A merge issue when porting the 5.0.1 patch to the 4.9 branch caused a line duplication. In the version of Multicall.sol released in @openzeppelin/[email protected] and @openzeppelin/[email protected], all subcalls are...

5.9CVSS7.7AI score0.00543EPSS
Exploits0References2
Rows per page
Query Builder