CVE-2021-41264

Improper Initialization in npm/@openzeppelin/contracts

Identifiers

CVE-2021-41264, GHSA-5vp3-v4hc-gx76

Package Slug

npm/@openzeppelin/contracts

Vulnerability

Improper Initialization

Description

OpenZeppelin Contracts is a library for smart contract development. OpenZepplin Contracts is vulnerable to an attack affecting uninitialized implementation contracts.

Affected Versions

All versions starting from 4.1.0 before 4.3.2

Solution

Upgrade to version 4.3.2 or above.

Last Modified

2021-11-18

source