-
Notifications
You must be signed in to change notification settings - Fork 11.8k
Security: OpenZeppelin/openzeppelin-contracts
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Base64 encoding may read from potentially dirty memoryGHSA-9vx6-7xxf-x967 published
Feb 29, 2024 by ernestognwLow -
Duplicated execution of subcalls in v4.9.4GHSA-699g-q6qh-q4v8 published
Dec 8, 2023 by AmxxModerate -
ERC2771Context with custom forwarder may lead to zero-valued _msgSenderGHSA-g4vp-m682-qqmp published
Aug 10, 2023 by frangioLow -
MerkleProof multiproofs may allow proving arbitrary leaves for specific treesGHSA-wprv-93r4-jj2p published
Jun 16, 2023 by frangioModerate -
Governor proposal creation may be blocked by frontrunningGHSA-5h3x-9wvq-w4m2 published
Jun 7, 2023 by frangioModerate -
TransparentUpgradeableProxy clashing selector calls may not be delegatedGHSA-mx2q-35m2-x2rh published
Apr 13, 2023 by frangioLow -
GovernorCompatibilityBravo may trim proposal calldataGHSA-93hq-5wgc-jc82 published
Apr 13, 2023 by frangioModerate -
ERC721Consecutive incorrect balance update with batch of 1GHSA-878m-3g6q-594q published
Mar 2, 2023 by frangioModerate -
ECDSA signature malleabilityGHSA-4h98-2769-gh6h published
Aug 10, 2022 by frangioHigh -
Cross chain utilities for Arbitrum L2 see EOA calls as cross chain callsGHSA-9j3m-g383-29qr published
Jul 28, 2022 by frangioLow