7 matches found
CVE-2024-45403
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, th...
Upgraded Q -> 3 from #534 [1702060375162]
Judge has assessed an item in Issue 534 as 3 risk. The relevant finding follows: L-03 Consider use stETH/UDS oracle Issue Description: The sponsor has confirmed their choice of Chainlink as an oracle to fetch prices. Since all other LST price feeds are 18 decimal places, they will most likely use...
Upgraded Q -> 3 from #16 [1691315821722]
Judge has assessed an item in Issue 16 as 3 risk. The relevant finding follows: L-04: MorphoTokenisedDeposit override decimalsOffset ==0 increase ERC4626 inflation attack risk --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 3 from #240 [1686228527253]
Judge has assessed an item in Issue 240 as 3 risk. The relevant finding follows: L-01 --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 3 from #88 [1679874647648]
Judge has assessed an item in Issue 88 as 3 risk. The relevant finding follows: L-2 Invalid and stale prices from Synthethix are not validated --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded G -> 3 from #31 [1673740310963]
Judge has assessed an item in Issue 31 as 3 risk. The relevant finding follows: gegae --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded G -> 3 from #31 [1673740145531]
Judge has assessed an item in Issue 31 as 3 risk. The relevant finding follows: tetaegerageage --- The text was updated successfully, but these errors were encountered: All reactions...