5 matches found
@1inch/delegating (=2.0.0), @1inch/farming (=4.0.0) +31 more potentially affected by CVE-2025-54070 via @openzeppelin/contracts (>=5.2.0 <=5.3.0)
@openzeppelin/contracts NPM version =5.2.0, =1.0.0-alpha.9, =0.0.4, =1.0.0, =0.1.0, =0.4.27, =0.3.0, =0.5.3, =7.9.0-main3c5a2f8, =7.9.0-maine3c28f1, =7.9.0-main01f77d70, =7.9.0-mainc91b9b3, =7.9.0-main163e291, =7.9.0-main0cdac11, =8.0.9-prffd008c and more Source cves: CVE-2025-54070 Source...
@originalworks/protocol-core-contracts (>=0.0.4 <=0.0.8), @pendle/boros-core (>=1.0.0 <=1.0.6) +13 more potentially affected by CVE-2025-54070 via @openzeppelin/contracts-upgradeable (>=5.2.0 <=5.3.0)
@openzeppelin/contracts-upgradeable NPM version =5.2.0, =0.0.4, =1.0.0, =0.1.0, =0.4.27, =0.3.0, =0.5.3, =7.9.0-maine3c28f1, =3.0.0, =1.0.0-alpha.1, =0.3.0, =0.3.0, =0.3.2, =0.1.0, =0.1.0, =0.2.0, =0.3.2 Source cves: CVE-2025-54070 Source advisory: OSV:GHSA-9RCW-C2F9-2J55...
CVE-2025-54070 OpenZeppelin Contracts's Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers
OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 5.2.0 and prior to version 5.4.0, the lastIndexOfbytes,byte,uint256 function of the Bytes.sol library may access uninitialized memory when the following two conditions hold: 1 the provided buffer length...
CVE-2025-54070 OpenZeppelin Contracts's Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers
OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 5.2.0 and prior to version 5.4.0, the lastIndexOfbytes,byte,uint256 function of the Bytes.sol library may access uninitialized memory when the following two conditions hold: 1 the provided buffer length...
CVE-2025-54070 OpenZeppelin Contracts's Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers
OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 5.2.0 and prior to version 5.4.0, the lastIndexOfbytes,byte,uint256 function of the Bytes.sol library may access uninitialized memory when the following two conditions hold: 1 the provided buffer length...