Multiple vulnerabilities in OpenZeppelin Contracts
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2022-35916 CVE-2022-35915 CVE-2022-31198 |
| CWE-ID | CWE-669 CWE-400 CWE-682 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
OpenZeppelin Contracts Universal components / Libraries / Libraries used by multiple products |
| Vendor | OpenZeppelin |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) undefined
EUVDB-ID: #VU66781
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-35916
CWE-ID:
CWE-669 - Incorrect Resource Transfer Between Spheres
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to contracts using the cross chain utilies for Arbitrum L2, "CrossChainEnabledArbitrumL2" or "LibArbitrumL2", will classify direct interactions of externally owned accounts (EOAs) as cross chain calls, even though they are not started on L1. A remote attacker can perform arbitrary action on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsOpenZeppelin Contracts: 4.6.0 - 4.7.1
CPE2.3- cpe:2.3:a:openzeppelin:contracts:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:openzeppelin:contracts:4.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:openzeppelin:contracts:4.7.1:*:*:*:*:*:*:*
https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3578
https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-9j3m-g383-29qr
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource exhaustion
EUVDB-ID: #VU66783
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-35915
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in an EIP-165 "supportsInterface" query. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsOpenZeppelin Contracts: 2.0.0 - 4.7.1
CPE2.3- cpe:2.3:a:openzeppelin:contracts:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:openzeppelin:contracts:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:openzeppelin:contracts:2.1.1:*:*:*:*:*:*:*
https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3587
https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-7grf-83vw-6f5x
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Incorrect calculation
EUVDB-ID: #VU66782
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-31198
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to an incorrect calculation in the "GovernorVotesQuorumFraction" module. A remote attacker can perform arbitrary action in the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsOpenZeppelin Contracts: 4.3.0 - 4.7.1
CPE2.3- cpe:2.3:a:openzeppelin:contracts:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:openzeppelin:contracts:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:openzeppelin:contracts:4.3.2:*:*:*:*:*:*:*
https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3561
https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-xrc4-737v-9q75
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
