Vulnerability DB | Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

M

Out-of-bounds ReadCVE-2025-54070

Affects @openzeppelin/contracts | Versions >=5.2.0 <5.4.0

Has fix

npmPublished 18 Jul 2025

M

Out-of-bounds ReadCVE-2024-27094

Affects @openzeppelin/contracts | Versions >=4.5.0 <4.9.6>=5.0.0-rc.0 <5.0.2

Has fix

npmPublished 1 Mar 2024

M

Always-Incorrect Control Flow ImplementationCVE-2023-49798

Affects @openzeppelin/contracts | Versions >=4.9.4 <4.9.5

Has fix

npmPublished 10 Dec 2023

M

Improper Encoding or Escaping of OutputCVE-2023-40014

Affects @openzeppelin/contracts | Versions >=4.0.0 <4.9.3

Has fix

npmPublished 11 Aug 2023

M

Improper Input ValidationCVE-2023-34459

Affects @openzeppelin/contracts | Versions >=4.7.0 <4.9.2

Has fix

npmPublished 18 Jun 2023

L

Missing AuthorizationCVE-2023-34234

Affects @openzeppelin/contracts | Versions >=4.3.0 <4.9.1

Has fix

npmPublished 8 Jun 2023

L

Denial of Service (DoS)CVE-2023-30541

Affects @openzeppelin/contracts | Versions >=3.2.0 <4.8.3

Has fix

npmPublished 18 Apr 2023

M

Improper Input ValidationCVE-2023-30542

Affects @openzeppelin/contracts | Versions >=4.3.0 <4.8.3

Has fix

npmPublished 16 Apr 2023

M

Incorrect CalculationCVE-2023-26488

Affects @openzeppelin/contracts | Versions >=4.8.0 <4.8.2

Has fix

npmPublished 5 Mar 2023

M

Incorrect CalculationCVE-2023-26488

Affects @openzeppelin/contracts | Versions >=4.8.0 <4.8.2

Has fix

npmPublished 5 Mar 2023

H

Improper Verification of Cryptographic SignatureCVE-2022-35961

Affects @openzeppelin/contracts | Versions <4.7.3

Has fix

npmPublished 14 Aug 2022

M

Denial of Service (DoS)CVE-2022-35915

Affects @openzeppelin/contracts | Versions >=2.3.0 <4.7.2

Has fix

npmPublished 2 Aug 2022

L

Incorrect Resource Transfer Between SpheresCVE-2022-35916

Affects @openzeppelin/contracts | Versions >=4.6.0 <4.7.2

Has fix

npmPublished 2 Aug 2022

H

Incorrect CalculationCVE-2022-31198

Affects @openzeppelin/contracts | Versions >=4.3.0 <4.7.2

Has fix

npmPublished 2 Aug 2022

H

Information ExposureCVE-2022-31172

Affects @openzeppelin/contracts | Versions >=4.1.0 <4.7.1

Has fix

npmPublished 22 Jul 2022

H

Information ExposureCVE-2022-31170

Affects @openzeppelin/contracts | Versions >=4.0.0 <4.7.1

Has fix

npmPublished 22 Jul 2022

M

Function Call With Incorrect Argument

Affects @openzeppelin/contracts | Versions >=4.3.0 <4.4.2

Has fix

npmPublished 12 Jan 2022

H

Deserialization of Untrusted DataCVE-2021-46320

Affects @openzeppelin/contracts | Versions >=3.2.0 <4.4.1

Has fix

npmPublished 15 Dec 2021

H

Deserialization of Untrusted DataCVE-2022-39384

Affects @openzeppelin/contracts | Versions >=3.2.0 <4.4.1

Has fix

npmPublished 15 Dec 2021

M

Affects @openzeppelin/contracts | Versions >=4.2.0 <4.3.3

Has fix

npmPublished 16 Nov 2021

C

Improper InitializationCVE-2021-41264

Affects @openzeppelin/contracts | Versions >=4.1.0 <4.3.2

Has fix

npmPublished 15 Nov 2021

H

Improper Input Validation

Affects @openzeppelin/contracts | Versions >=4.1.0 <4.3.2

Has fix

npmPublished 16 Sept 2021

C

Privilege EscalationCVE-2021-39167

Affects @openzeppelin/contracts | Versions >=4.0.0-beta.0 <4.3.1<3.4.2

Has fix

npmPublished 27 Aug 2021

M

Improper Synchronization

Affects @openzeppelin/contracts | Versions <3.4.0-rc.0

Has fix

npmPublished 27 Jan 2021

M

Out-of-bounds ReadCVE-2025-54070

Affects @openzeppelin/contracts-upgradeable | Versions >=5.2.0 <5.4.0

Has fix

npmPublished 18 Jul 2025

M

Out-of-bounds ReadCVE-2024-27094

Affects @openzeppelin/contracts-upgradeable | Versions >=4.5.0 <4.9.6>=5.0.0-rc.0 <5.0.2

Has fix

npmPublished 1 Mar 2024

M

Always-Incorrect Control Flow ImplementationCVE-2023-49798

Affects @openzeppelin/contracts-upgradeable | Versions >=4.9.4 <4.9.5

Has fix

npmPublished 10 Dec 2023

M

Improper Encoding or Escaping of OutputCVE-2023-40014

Affects @openzeppelin/contracts-upgradeable | Versions >=4.0.0 <4.9.3

Has fix

npmPublished 11 Aug 2023

M

Improper Input ValidationCVE-2023-34459

Affects @openzeppelin/contracts-upgradeable | Versions >=4.7.0 <4.9.2

Has fix

npmPublished 18 Jun 2023

L

Missing AuthorizationCVE-2023-34234

Affects @openzeppelin/contracts-upgradeable | Versions >=4.3.0 <4.9.1

Has fix

npmPublished 8 Jun 2023

Product

Partners
Developers & Devops Features
Enterprise Features
Pricing
Test with GitHub
Test with CLI
API status

Resources

Vulnerability DB
Blog
Documentation
FAQs

Company

About
Jobs
Contact
Legal terms
Privacy
Press kit
Events

Contact us

Support
Report a new vuln

Find us online

Track our development

© 2026 Snyk Ltd.