@openzeppelin/contracts vulnerabilities

Secure Smart Contract library for Solidity

latest version

5.1.0

latest non vulnerable version

5.2.0-rc.1

first published

5 years ago

latest version published

2 months ago

licenses detected

MIT
>=0

View contracts package health on Snyk Advisor (opens in a new tab)

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the @openzeppelin/contracts package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Out-of-bounds Read	>=4.5.0 <4.9.6>=5.0.0-rc.0 <5.0.2
M Always-Incorrect Control Flow Implementation	>=4.9.4 <4.9.5
M Improper Encoding or Escaping of Output	>=4.0.0 <4.9.3
M Improper Input Validation	>=4.7.0 <4.9.2
L Missing Authorization	>=4.3.0 <4.9.1
L Denial of Service (DoS)	>=3.2.0 <4.8.3
M Improper Input Validation	>=4.3.0 <4.8.3
M Incorrect Calculation	>=4.8.0 <4.8.2
M Incorrect Calculation	>=4.8.0 <4.8.2
H Improper Verification of Cryptographic Signature	<4.7.3
M Denial of Service (DoS)	>=2.3.0 <4.7.2
L Incorrect Resource Transfer Between Spheres	>=4.6.0 <4.7.2
H Incorrect Calculation	>=4.3.0 <4.7.2
H Information Exposure	>=4.1.0 <4.7.1
H Information Exposure	>=4.0.0 <4.7.1
M Function Call With Incorrect Argument	>=4.3.0 <4.4.2
H Deserialization of Untrusted Data	>=3.2.0 <4.4.1
H Deserialization of Untrusted Data	>=3.2.0 <4.4.1
M Numeric Errors	>=4.2.0 <4.3.3
C Improper Initialization	>=4.1.0 <4.3.2
H Improper Input Validation	>=4.1.0 <4.3.2
C Privilege Escalation	>=4.0.0-beta.0 <4.3.1<3.4.2
M Improper Synchronization	<3.4.0-rc.0

Package versions

1 - 89 of 89 Results

version	published	direct vulnerabilities
5.2.0-rc.1	16 Dec, 2024	0 C 0 H 0 M 0 L
5.2.0-rc.0	4 Dec, 2024	0 C 0 H 0 M 0 L
5.1.0	17 Oct, 2024	0 C 0 H 0 M 0 L
5.1.0-rc.1	17 Oct, 2024	0 C 0 H 0 M 0 L
5.1.0-rc.0	3 Oct, 2024	0 C 0 H 0 M 0 L
5.0.2	29 Feb, 2024	0 C 0 H 0 M 0 L
5.0.1	7 Dec, 2023	0 C 0 H 1 M 0 L
5.0.0	5 Oct, 2023	0 C 0 H 1 M 0 L
5.0.0-rc.2	2 Oct, 2023	0 C 0 H 1 M 0 L
5.0.0-rc.1	28 Sep, 2023	0 C 0 H 1 M 0 L
5.0.0-rc.0	19 Sep, 2023	0 C 0 H 1 M 0 L
4.9.6	29 Feb, 2024	0 C 0 H 0 M 0 L
4.9.5	8 Dec, 2023	0 C 0 H 1 M 0 L
4.9.4	7 Dec, 2023	0 C 0 H 2 M 0 L
4.9.3	28 Jul, 2023	0 C 0 H 1 M 0 L
4.9.2	16 Jun, 2023	0 C 0 H 2 M 0 L
4.9.1	7 Jun, 2023	0 C 0 H 3 M 0 L
4.9.0	23 May, 2023	0 C 0 H 3 M 1 L
4.9.0-rc.1	17 May, 2023	0 C 0 H 3 M 1 L
4.9.0-rc.0	9 May, 2023	0 C 0 H 3 M 1 L
4.8.3	13 Apr, 2023	0 C 0 H 3 M 1 L
4.8.2	2 Mar, 2023	0 C 0 H 4 M 2 L
4.8.1	13 Jan, 2023	0 C 0 H 6 M 2 L
4.8.0	8 Nov, 2022	0 C 0 H 6 M 2 L
4.8.0-rc.2	17 Oct, 2022	0 C 0 H 4 M 2 L
4.8.0-rc.1	23 Sep, 2022	0 C 0 H 4 M 2 L
4.8.0-rc.0	7 Sep, 2022	0 C 0 H 4 M 2 L
4.7.3	10 Aug, 2022	0 C 0 H 4 M 2 L
4.7.2	27 Jul, 2022	0 C 1 H 4 M 2 L
4.7.1	20 Jul, 2022	0 C 2 H 5 M 3 L
4.7.0	29 Jun, 2022	0 C 4 H 5 M 3 L
4.7.0-rc.0	7 Jun, 2022	0 C 4 H 4 M 3 L
4.6.0	26 Apr, 2022	0 C 4 H 4 M 3 L
4.6.0-rc.0	31 Mar, 2022	0 C 4 H 4 M 2 L
4.5.0	9 Feb, 2022	0 C 4 H 4 M 2 L
4.5.0-rc.0	13 Jan, 2022	0 C 4 H 3 M 2 L
4.4.2	11 Jan, 2022	0 C 4 H 3 M 2 L
4.4.1	14 Dec, 2021	0 C 4 H 4 M 2 L
4.4.0	25 Nov, 2021	0 C 6 H 4 M 2 L
4.4.0-rc.1	16 Nov, 2021	0 C 6 H 4 M 2 L
4.4.0-rc.0	20 Oct, 2021	0 C 6 H 4 M 2 L
4.3.3	12 Nov, 2021	0 C 6 H 4 M 2 L
4.3.2	14 Sep, 2021	0 C 6 H 5 M 2 L
4.3.1	26 Aug, 2021	1 C 7 H 5 M 2 L
4.3.0	17 Aug, 2021	2 C 7 H 5 M 2 L
4.3.0-rc.0	6 Aug, 2021	2 C 6 H 3 M 1 L
4.2.0	30 Jun, 2021	2 C 6 H 3 M 1 L
4.2.0-rc.0	23 Jun, 2021	2 C 6 H 2 M 1 L
4.1.0	29 Apr, 2021	2 C 6 H 2 M 1 L
4.1.0-rc.0	16 Apr, 2021	1 C 4 H 2 M 1 L
4.0.0	23 Mar, 2021	1 C 4 H 2 M 1 L
4.0.0-rc.0	9 Mar, 2021	1 C 3 H 1 M 1 L
4.0.0-beta.1	3 Mar, 2021	1 C 3 H 1 M 1 L
4.0.0-beta.0	22 Feb, 2021	1 C 3 H 1 M 1 L
3.4.2	26 Aug, 2021	0 C 3 H 1 M 1 L
3.4.2-solc-0.7	26 Aug, 2021	1 C 3 H 1 M 1 L
3.4.1	3 Mar, 2021	1 C 3 H 1 M 1 L
3.4.1-solc-0.7-2	3 Mar, 2021	1 C 3 H 1 M 1 L
3.4.1-solc-0.7	3 Mar, 2021	1 C 3 H 1 M 1 L
3.4.0	2 Feb, 2021	1 C 3 H 1 M 1 L
3.4.0-solc-0.7	2 Feb, 2021	1 C 3 H 1 M 1 L
3.4.0-rc.0	26 Jan, 2021	1 C 3 H 1 M 1 L
3.3.0	26 Nov, 2020	1 C 3 H 2 M 1 L
3.3.0-solc-0.7	27 Nov, 2020	1 C 3 H 2 M 1 L
3.3.0-rc.2	24 Nov, 2020	1 C 3 H 2 M 1 L
3.3.0-rc.1	18 Nov, 2020	1 C 3 H 2 M 1 L
3.3.0-rc.0	17 Nov, 2020	1 C 3 H 2 M 1 L
3.2.2-solc-0.7	28 Oct, 2020	1 C 3 H 2 M 1 L
3.2.1-solc-0.7	15 Sep, 2020	1 C 3 H 2 M 1 L
3.2.0	10 Sep, 2020	1 C 3 H 2 M 1 L
3.2.0-solc-0.7	11 Sep, 2020	1 C 1 H 2 M 0 L
3.2.0-rc.0	3 Sep, 2020	1 C 1 H 2 M 0 L
3.1.0	23 Jun, 2020	1 C 1 H 2 M 0 L
3.1.0-solc-0.7	30 Jul, 2020	1 C 1 H 2 M 0 L
3.1.0-rc.0	11 Jun, 2020	1 C 1 H 2 M 0 L
3.0.2	8 Jun, 2020	1 C 1 H 2 M 0 L
3.0.1	27 Apr, 2020	1 C 1 H 2 M 0 L
3.0.0	20 Apr, 2020	1 C 1 H 2 M 0 L
3.0.0-rc.1	3 Apr, 2020	1 C 1 H 2 M 0 L
3.0.0-rc.0	16 Mar, 2020	1 C 1 H 2 M 0 L
3.0.0-beta.0	14 Feb, 2020	1 C 1 H 2 M 0 L
2.5.1	27 Apr, 2020	1 C 1 H 2 M 0 L
2.5.0	4 Feb, 2020	1 C 1 H 2 M 0 L
2.5.0-rc.0	24 Jan, 2020	1 C 1 H 2 M 0 L
2.4.0	29 Oct, 2019	1 C 1 H 2 M 0 L
2.4.0-beta.2	16 Aug, 2019	1 C 1 H 2 M 0 L
2.4.0-beta.1	16 Aug, 2019	1 C 1 H 2 M 0 L
2.4.0-beta.0	15 Aug, 2019	1 C 1 H 2 M 0 L
2.3.0	26 Jul, 2019	1 C 1 H 2 M 0 L