OpenZeppelin 安全漏洞

OpenZeppelin is a software application. A standard for secure blockchain applications. A security vulnerability exists in OpenZeppelin Contracts versions 3.2.0 and later through 4.4.1 and earlier, which stems from an exception set to support multiple inheritance that breaks the expectation of a...

Malicious code in multiple-inheritance-rest (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f78cfc2383f9411d2efdd19966250309bac7347c428ed4ac4034231a7997db39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GHSA-88G8-F5MF-F5RJ Improper Initialization in OpenZeppelin

In OpenZeppelin =v4.4.0, initializer functions that are invoked separate from contract creation the most prominent example being minimal proxies may be reentered if they make an untrusted non-view external call. Once an initializer has finished running it can never be re-executed. However, an...

OpenZeppelin 安全漏洞

OpenZeppelin is a software application. A standard for secure blockchain applications. A security vulnerability exists in OpenZeppelin =v4.4.0 that stems from initializer functions that are called separately from contract creation the most notable example being minimal proxies and can be re-enter...