Contracts Security Vulnerabilities and Issues — Contracts CVE List

Lucene search

OpenzeppelinContracts

3 matches found

CVE•added 2022/07/15 6:15 p.m.•76 views

CVE-2022-31153

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0...

6.5CVSS6.4AI score0.00903EPSS

CVE•added 2022/07/22 4:15 a.m.•75 views

CVE-2022-31172

OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 until 4.7.1 are vulnerable to the SignatureChecker reverting. SignatureChecker.isValidSignatureNow is not expected to revert. However, an incorrect assumption about Solidity 0.8's abi.decode allows some cases to reve...

7.5CVSS7.4AI score0.00108EPSS

CVE•added 2022/07/22 4:15 a.m.•67 views

CVE-2022-31170

OpenZeppelin Contracts is a library for smart contract development. Versions 4.0.0 until 4.7.1 are vulnerable to ERC165Checker reverting instead of returning false. ERC165Checker.supportsInterface is designed to always successfully return a boolean, and under no circumstance revert. However, an inc...

7.5CVSS7.4AI score0.00294EPSS