logo

Database

Security

Vulnerabilities

Real-time alerts of vulnerabilities across monitored open-source ecosystems.

Ecosystems covered

1

Npm

Total vulnerabilities tracked

14

From global vulnerability databases

Exclude malware
Package contracts...radeable

FLAT-GZJ95 (CVE-2024-27094)

Out-of-bounds read In @openzeppelin/contracts-upgradeable

4.9

Medium

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-I3SYO (CVE-2023-40014)

OS Command Injection In @openzeppelin/contracts-upgradeable

1.7

Low

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-C720T (CVE-2023-34459)

Missing subresource integrity check In @openzeppelin/contracts-upgradeable

2.3

Low

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-XWRVW (CVE-2023-34234)

Improper authorization control for web services In @openzeppelin/contracts-upgradeable

2.7

Low

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-TBDON (CVE-2023-30541)

Lack of data validation In @openzeppelin/contracts-upgradeable

2.7

Low

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-PAZKC (CVE-2023-26488)

Inappropriate coding practices In @openzeppelin/contracts-upgradeable

4.9

Medium

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-KBBBG (CVE-2022-31198)

Inappropriate coding practices In @openzeppelin/contracts-upgradeable

6.6

Medium

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-J8APV (CVE-2022-35916)

Sensitive information sent insecurely In @openzeppelin/contracts-upgradeable

2.7

Low

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-QCRXQ (CVE-2022-35915)

Improper resource allocation In @openzeppelin/contracts-upgradeable

2.7

Low

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-O6YNE (CVE-2022-31172)

Insecure digital certificates In @openzeppelin/contracts-upgradeable

6.6

Medium

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-6PTEP (CVE-2022-31170)

Lack of data validation In @openzeppelin/contracts-upgradeable

6.6

Medium

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-ESGYI (GHSA-7j52-6fjp-58gr)

Non-upgradable dependencies In @openzeppelin/contracts-upgradeable

0.6

Low

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-1C7IH (GHSA-q4h9-46xg-m3x9)

Inappropriate coding practices In @openzeppelin/contracts-upgradeable

0.6

Low

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable

FLAT-08FB9 (CVE-2021-39168)

Excessive privileges In @openzeppelin/contracts-upgradeable

9.1

Critical

Ecosystem: Npm

Package: @openzeppelin/contracts-upgradeable