CVE-2024-27094 | OpenZeppelin openzeppelin-contracts up to 4.9.5/5.0.0-rc0 Base64.encode out-of-bounds (GHSA-9vx6-7xxf-x967)

Posted by Angelo Barbosa | Feb 29, 2024 | CVE

A vulnerability was found in OpenZeppelin openzeppelin-contracts up to 4.9.5/5.0.0-rc0 and classified as problematic. Affected by this issue is the function Base64.encode. The manipulation leads to out-of-bounds read.

This vulnerability is handled as CVE-2024-27094. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-27094 | OpenZeppelin openzeppelin-contracts up to 4.9.5/5.0.0-rc0 Base64.encode out-of-bounds (GHSA-9vx6-7xxf-x967)

Related Posts

CVE-2023-37890 | WPOmnia KB Support Plugin up to 1.5.88 on WordPress authorization

CVE-2023-52598 | Linux Kernel up to 6.7.3 ptrace save_fpu_regs memory corruption

CVE-2024-0286 | PHPGurukul Hospital Management System 1.0 Contact Form index.php#contact_us Name/Email/Message cross site scripting

CVE-2024-36420 | FlowiseAI Flowise up to 1.4.3 openai-assistants-file fileName information disclosure (GHSL-2023-232)