4337-snap (>=0.1.0 <=0.1.1), @0xabcdefg/smart-order-router (>=1.0.0 <=1.0.5) +1497 more potentially affected by CVE-2024-27094 via @openzeppelin/contracts (>=4.5.0 <=4.9.5)

@openzeppelin/contracts NPM version =4.5.0, =0.1.0, =1.0.0, =1.0.0, =3.24.7, =1.7.2, =0.107.10, =1.9.0, =0.107.0, =0.107.0, =0.107.0, =0.69.0, =0.107.0, =0.97.1, =0.107.0, =0.107.0, =0.123.2 and more Source cves: CVE-2024-27094 Source advisory: OSV:GHSA-9VX6-7XXF-X967...

OpenZeppelin 安全漏洞

OpenZeppelin is a software application. A standard for secure blockchain applications. A security vulnerability exists in OpenZeppelin versions 4.3.0 through 4.7.2, and OpenZeppelin contracts-upgradeable versions 4.3.0 through 4.7.2, which stems from the fact that when a proposal is passed to...