How severe is CVE-2023-30541?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2023-30541?

This is classified as CWE-436, which is a common weakness in software security.

CVE-2023-30541

MEDIUM Year: 2023

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-436

View all →

Vulnerability Description

OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding, the proxy could revert while attempting to decode the arguments from calldata. The probability of an accidental clash is negligible, but one could be caused deliberately and could cause a reduction in availability. The issue has been fixed in version 4.8.3. As a workaround if a function appears to be inaccessible for this reason, it may be possible to craft the calldata such that ABI decoding does not fail at the proxy and the function is properly proxied through.

CVE-2024-3386

MEDIUM

CVSS:5.3(Medium)

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains t...

CWE-4362024

CVE-2025-24013

MEDIUM

CVSS:5.3(Medium)

CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers w...

CWE-4362025

CVE-2020-9264

MEDIUM

CVSS:5.5(Medium)

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Interne...

CWE-4362020

CVE-2020-9342

MEDIUM

CVSS:5.5(Medium)

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Prot...

CWE-4362020

CVE-2020-9399

MEDIUM

CVSS:5.5(Medium)

The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions before 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux.

CWE-4362020

CVE-2023-22998

MEDIUM

CVSS:5.5(Medium)

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an ...

CWE-4362023

CVE-2023-30541

Vulnerability Description

Related Vulnerabilities

CVE-2024-3386

CVE-2025-24013

CVE-2020-9264

CVE-2020-9342

CVE-2020-9399

CVE-2023-22998