Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2023/08/11 7:0 p.m.18 views

OpenZeppelin Contracts vulnerable to Improper Escaping of Output

Impact OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using ERC2771Context along with a custom trusted forwarder may see msgSender return address0 in calls that originate from the forwarder with calldata...

5.3CVSS6.8AI score0.00611EPSS
Exploits0References9Affected Software2
OSV
OSV
added 2023/08/11 7:0 p.m.43 views

GHSA-G4VP-M682-QQMP OpenZeppelin Contracts vulnerable to Improper Escaping of Output

Impact OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using ERC2771Context along with a custom trusted forwarder may see msgSender return address0 in calls that originate from the forwarder with calldata...

5.3CVSS5.1AI score0.00611EPSS
Exploits0References9
Prion
Prion
added 2023/08/10 8:15 p.m.20 views

Design/Logic Flaw

OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using ERC2771Context along with a custom trusted forwarder may see msgSender return address0 in calls that originate from the forwarder with calldata shorter...

5CVSS5.2AI score0.00611EPSS
Exploits0References6Affected Software2
Vulnrichment
Vulnrichment
added 2023/08/10 7:52 p.m.13 views

CVE-2023-40014 OpenZeppelin Contracts's ERC2771Context with custom forwarder may lead to zero-valued _msgSender

OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using ERC2771Context along with a custom trusted forwarder may see msgSender return address0 in calls that originate from the forwarder with calldata shorter...

5.3CVSS5.2AI score0.00611EPSS
Exploits0References6
Rows per page
Query Builder