CVE-2023-30542
Published Apr 16, 2023
Last updated 2 years ago
Overview
- Description
- OpenZeppelin Contracts is a library for secure smart contract development. The proposal creation entrypoint (`propose`) in `GovernorCompatibilityBravo` allows the creation of proposals with a `signatures` array shorter than the `calldatas` array. This causes the additional elements of the latter to be ignored, and if the proposal succeeds the corresponding actions would eventually execute without any calldata. The `ProposalCreated` event correctly represents what will eventually execute, but the proposal parameters as queried through `getActions` appear to respect the original intended calldata. This issue has been patched in 4.8.3. As a workaround, ensure that all proposals that pass through governance have equal length `signatures` and `calldatas` parameters.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- security-advisories@github.com
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openzeppelin:contracts:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "411C30F2-953A-46C1-B290-F73D73742342",
"versionEndExcluding": "4.8.3",
"versionStartIncluding": "4.3.0"
},
{
"criteria": "cpe:2.3:a:openzeppelin:contracts_upgradeable:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "DE759E37-EAC7-4CDA-9AB1-0703E9398214",
"versionEndExcluding": "4.8.3",
"versionStartIncluding": "4.3.0"
}
],
"operator": "OR"
}
]
}
]