Privilege Escalation

2022-02-0709:51:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

32.0%

JSON

openzeppelin/contracts is vulnerable to privilege escalation. The vulnerability exists due to the lack of sanitization in the initializer function which allowed an actor with executor role to escalate privileges.

CPENameOperatorVersion
@openzeppelin/contracts-upgradeablele4.4.0
@openzeppelin/contractsle4.4.0
@openzeppelin/contracts-upgradeablele4.4.0
@openzeppelin/contractsle4.4.0