CVE-2024-27094 | OpenZeppelin openzeppelin-contracts up to 4.9.5/5.0.0-rc0 Base64.encode out-of-bounds (GHSA-9vx6-7xxf-x967)

Posted by Angelo Barbosa | Feb 29, 2024 | CVE

A vulnerability was found in OpenZeppelin openzeppelin-contracts up to 4.9.5/5.0.0-rc0 and classified as problematic. Affected by this issue is the function Base64.encode. The manipulation leads to out-of-bounds read.

This vulnerability is handled as CVE-2024-27094. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-27094 | OpenZeppelin openzeppelin-contracts up to 4.9.5/5.0.0-rc0 Base64.encode out-of-bounds (GHSA-9vx6-7xxf-x967)

Related Posts

CVE-2020-36827 | XAO::Web Module up to 1.83 on Perl json-embed Privilege Escalation

CVE-2024-9589 | Category and Taxonomy Meta Fields Plugin up to 1.0.0 on WordPress cross site scripting

CVE-2024-44302 | Apple watchOS Font information disclosure

CVE-2023-42740 | Unisoc S8000 Telecom Service permission