GHSA-g4vp-m682-qqmp

Source

https://github.com/advisories/GHSA-g4vp-m682-qqmp

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/08/GHSA-g4vp-m682-qqmp/GHSA-g4vp-m682-qqmp.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-g4vp-m682-qqmp

Aliases

CVE-2023-40014

Related

CVE-2023-40014

Published

2023-08-11T19:00:48Z

Modified

2023-11-08T04:13:16.291927Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

OpenZeppelin Contracts vulnerable to Improper Escaping of Output

Details

Impact

OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using ERC2771Context along with a custom trusted forwarder may see _msgSender return address(0) in calls that originate from the forwarder with calldata shorter than 20 bytes. This combination of circumstances does not appear to be common, in particular it is not the case for MinimalForwarder from OpenZeppelin Contracts, or any deployed forwarder the team is aware of, given that the signer address is appended to all calls that originate from these forwarders.

Patches

The problem has been patched in v4.9.3.

Database specific

{
    "nvd_published_at": "2023-08-10T20:15:10Z",
    "cwe_ids": [
        "CWE-116"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2023-08-11T19:00:48Z"
}

References

Affected packages

npm / @openzeppelin/contracts

Package

Name: @openzeppelin/contracts; View open source insights on deps.dev
Purl: pkg:npm/%40openzeppelin/contracts

Affected ranges

Type: SEMVER
Events: Introduced

4.0.0

Fixed

4.9.3

npm / @openzeppelin/contracts-upgradeable

Package

Name: @openzeppelin/contracts-upgradeable; View open source insights on deps.dev
Purl: pkg:npm/%40openzeppelin/contracts-upgradeable

Affected ranges

Type: SEMVER
Events: Introduced

4.0.0

Fixed

4.9.3