@openzeppelin/contracts-upgradeable@4.9.4 vulnerabilities
Secure Smart Contract library for Solidity
-
latest version
5.0.2
-
latest non vulnerable version
-
first published
3 years ago
-
latest version published
2 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @openzeppelin/contracts-upgradeable package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@openzeppelin/contracts-upgradeable is a Secure Smart Contract library for Solidity. Affected versions of this package are vulnerable to Out-of-bounds Read due to the Note: These conditions are more frequent in the following scenarios:
How to fix Out-of-bounds Read? Upgrade |
>=4.5.0 <4.9.6
>=5.0.0-rc.0 <5.0.2
|
@openzeppelin/contracts-upgradeable is a Secure Smart Contract library for Solidity. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to an issue with the How to fix Always-Incorrect Control Flow Implementation? Upgrade |
>=4.9.4 <4.9.5
|