Skip to main content

Contracts

20 CVEs product

Monthly

CVE-2024-45304 MEDIUM PATCH This Month

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Contracts
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-27094 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
7.4
EPSS
0.8%
CVE-2023-49798 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-34459 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for smart contract development. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.9
EPSS
0.4%
CVE-2023-34234 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-30541 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-30542 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-26488 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-23940 PyPI MEDIUM PATCH This Month

OpenZeppelin Contracts for Cairo is a library for secure smart contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Authentication Bypass Contracts
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2022-39384 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.6
EPSS
0.5%
CVE-2022-35961 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-35916 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-35915 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Contracts Contracts Upgradeable Openzeppelin Eth Openzeppelin Solidity
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-31198 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31172 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-31170 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-31153 PyPI MEDIUM POC PATCH This Month

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Contracts
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-41264 npm CRITICAL PATCH Act Now

OpenZeppelin Contracts is a library for smart contract development. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-39168 npm CRITICAL PATCH Act Now

OpenZepplin is a library for smart contract development. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Contracts
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-39167 npm CRITICAL PATCH Act Now

OpenZepplin is a library for smart contract development. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Contracts
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Contracts
NVD GitHub
EPSS 1% CVSS 7.4
HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Contracts +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for smart contract development. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts for Cairo is a library for secure smart contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Authentication Bypass Contracts
NVD GitHub
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Contracts Contracts Upgradeable +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Contracts
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

OpenZeppelin Contracts is a library for smart contract development. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

OpenZepplin is a library for smart contract development. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Contracts
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

OpenZepplin is a library for smart contract development. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Contracts
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy