Vulnerabilities > Openzeppelin

DATE CVE VULNERABILITY TITLE RISK
2022-08-15 CVE-2022-35961 Improper Validation of Integrity Check Value vulnerability in Openzeppelin Contracts and Contracts Upgradeable
OpenZeppelin Contracts is a library for secure smart contract development.
network
low complexity
openzeppelin CWE-354
6.5
2022-08-01 CVE-2022-31198 Incorrect Calculation vulnerability in Openzeppelin Contracts and Contracts Upgradeable
OpenZeppelin Contracts is a library for secure smart contract development.
network
low complexity
openzeppelin CWE-682
7.5
2022-08-01 CVE-2022-35915 Allocation of Resources Without Limits or Throttling vulnerability in Openzeppelin products
OpenZeppelin Contracts is a library for secure smart contract development.
network
low complexity
openzeppelin CWE-770
5.3
2022-08-01 CVE-2022-35916 Incorrect Resource Transfer Between Spheres vulnerability in Openzeppelin Contracts and Contracts Upgradeable
OpenZeppelin Contracts is a library for secure smart contract development.
network
low complexity
openzeppelin CWE-669
5.3
2022-07-22 CVE-2022-31170 Unchecked Return Value vulnerability in Openzeppelin Contracts
OpenZeppelin Contracts is a library for smart contract development.
network
low complexity
openzeppelin CWE-252
7.5
2022-07-22 CVE-2022-31172 Improper Verification of Cryptographic Signature vulnerability in Openzeppelin Contracts
OpenZeppelin Contracts is a library for smart contract development.
network
low complexity
openzeppelin CWE-347
7.5
2022-07-15 CVE-2022-31153 Incorrect Authorization vulnerability in Openzeppelin Contracts 0.2.0
OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup.
network
low complexity
openzeppelin CWE-863
6.5
2022-02-04 CVE-2021-46320 Improper Initialization vulnerability in Openzeppelin
In OpenZeppelin <=v4.4.0, initializer functions that are invoked separate from contract creation (the most prominent example being minimal proxies) may be reentered if they make an untrusted non-view external call.
network
low complexity
openzeppelin CWE-665
7.5
2021-11-12 CVE-2021-41264 Improper Initialization vulnerability in Openzeppelin Contracts
OpenZeppelin Contracts is a library for smart contract development.
network
low complexity
openzeppelin CWE-665
critical
9.8
2021-08-27 CVE-2021-39167 Improper Privilege Management vulnerability in Openzeppelin Contracts
OpenZepplin is a library for smart contract development.
network
low complexity
openzeppelin CWE-269
critical
9.8