CVE-2021-3004

2021-01-0303:20:10

mitre

www.cve.org

cve-2021-3004

ethereum token

incorrect calculations

attacker

token exploitation

EPSS

0.001

Percentile

38.8%

JSON

The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an Ethereum token, has certain incorrect calculations. An attacker can obtain more yCREDIT tokens than they should.

References

blocksecteam.medium.com/deposit-less-get-more-ycredit-attack-details-f589f71674c3

etherscan.io/address/0xe0839f9b9688a77924208ad509e29952dc660261

EPSS

0.001

Percentile

38.8%

JSON

Related for CVELIST:CVE-2021-3004