Contracts Security Vulnerabilities and Issues — Contracts CVE List

Lucene search

OpenzeppelinContracts

4 matches found

CVE•added 2022/07/15 6:15 p.m.•76 views

CVE-2022-31153

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0...

6.5CVSS6.4AI score0.00903EPSS

CVE•added 2023/02/03 8:15 p.m.•61 views

CVE-2023-23940

OpenZeppelin Contracts for Cairo is a library for secure smart contract development written in Cairo for StarkNet, a decentralized ZK Rollup. is_valid_eth_signature is missing a call to finalize_keccak after calling verify_eth_signature. As a result, any contract using is_valid_eth_signature from t...

6.4CVSS5.4AI score0.00007EPSS

CVE•added 2023/03/03 10:15 p.m.•51 views

CVE-2023-26488

OpenZeppelin Contracts is a library for secure smart contract development. The ERC721Consecutive contract designed for minting NFTs in batches does not update balances when a batch has size 1 and consists of a single token. Subsequent transfers from the receiver of that token may overflow the balan...

6.5CVSS6.6AI score0.00075EPSS

CVE•added 2024/08/31 12:15 a.m.•41 views

CVE-2024-45304

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. It introduces a security risk where an unintended...

6.5CVSS5.7AI score0.00019EPSS