Skip to main content

Contracts Upgradeable

12 CVEs product

Monthly

CVE-2024-27094 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
7.4
EPSS
0.8%
CVE-2023-49798 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-34459 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for smart contract development. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.9
EPSS
0.4%
CVE-2023-34234 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-30541 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-30542 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-26488 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-39384 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.6
EPSS
0.5%
CVE-2022-35961 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-35916 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-35915 npm MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Contracts Contracts Upgradeable Openzeppelin Eth Openzeppelin Solidity
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-31198 npm HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
EPSS 1% CVSS 7.4
HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Contracts +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

OpenZeppelin Contracts is a library for smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for smart contract development. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Contracts Contracts Upgradeable
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

OpenZeppelin Contracts is a library for secure smart contract development. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Contracts Contracts Upgradeable +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

OpenZeppelin Contracts is a library for secure smart contract development. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Contracts Contracts Upgradeable
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy