CVE-2024-27094 — Out-of-bounds Read in Contracts

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

7.4HIGHNVD

EPSS

0.6%

top 31.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openzeppelin Contracts Openzeppelin Contracts Upgradeable Openzeppelin Contracts-upgradeable +1 more

Timeline

Latest updateFeb 29

PublishedMar 21

Description

OpenZeppelin Contracts is a library for secure smart contract development. The `Base64.encode` function encodes a `bytes` input by iterating over it in chunks of 3 bytes. When this input is not a multiple of 3, the last iteration may read parts of the memory that are beyond the input buffer. The vulnerability is fixed in 5.0.2 and 4.9.6.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 2.2 | Impact: 5.2

Affected Packages5 packages

▶NVDopenzeppelin/contracts4.5.0 — 4.9.6+1

▶npmopenzeppelin/contracts4.5.0 — 4.9.6+1

▶NVDopenzeppelin/contracts_upgradeable5.0.0 — 5.0.2+1

▶npmopenzeppelin/contracts-upgradeable5.0.0-rc.0 — 5.0.2+1

▶CVEListV5openzeppelin/openzeppelin-contracts>= 4.5.0, < 4.9.6, >= 5.0.0-rc.0, < 5.0.2+1

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

OpenZeppelin Contracts base64 encoding may read from potentially dirty memory↗2024-02-29

▶

GHSA

OpenZeppelin Contracts base64 encoding may read from potentially dirty memory↗2024-02-29

▶