Shared-library version with known-vuln status

Beefy Finance's assessment for RD-F-135 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cat 8 fork-lineage factor; not applicable to original protocols. Factual: OZ contracts-upgradeable 4.9.3 has no active high/critical advisory. The UUPSUpgradeable advisory (GHSA-q4h9-46xg-m3x9) affected versions <4.3.2 — not applicable to 4.9.3.

Sources #

URL
OZ UUPS Advisory GHSA-q4h9-46xg-m3x9GHSA-q4h9-46xg-m3x9 UUPSUpgradeable — affects <4.3.2, not 4.9.3retrieved 2026-05-16

Methodology #

Identify the version of key shared libraries (OZ, Solady, Solmate) used and check against CVE/GHSA databases for any active advisory.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol beefy factor RD-F-135 score not_applicable collected_at 2026-05-16 13:10:30