Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/10/25 12:0 a.m.5 views

M-01 Unmitigated

Lines of code Vulnerability details Mitigation of M-01: Issue not mitigated Link to Issue: code-423n4/2023-09-asymmetry-findings55 Comments The sponsor has acknowledged the issue but decided to not mitigate it. Acknowledged and did not fix, plan to upgrade a fix in the future Assessed type Other...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/25 12:0 a.m.6 views

H-01 Unmitigated

Lines of code Vulnerability details Mitigation of H-01: Mitigation Error, see comments Link to Issue: code-423n4/2023-09-asymmetry-findings62 Comments The sponsor has provided a detailed response in the following comment: code-423n4/2023-09-asymmetry-findings62 comment In summary their analysis i...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/27 12:0 a.m.8 views

Lack of slippage protection for depositRewards() in AfEth.sol makes it susceptible to sandwich attacks

Lines of code Vulnerability details Bug Description In VotiumStrategyCore.sol, the buyCvx function calls exchangeunderlying of Curve's ETH / CVX pool to buy CVX: VotiumStrategyCore.solL233-L240 ICrvEthPoolCVXETHCRVPOOLADDRESS.exchangeunderlying value: ethAmountIn 0, 1, ethAmountIn, 0 // this is...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/09/27 12:0 a.m.11 views

price() in AfEth.sol doesn't take afEth held for pending withdrawals into account

Lines of code Vulnerability details Bug Description In AfEth.sol, the price function returns the current price of afEth: AfEth.solL133-L141 function price public view returns uint256 if totalSupply == 0 return 1e18; AbstractStrategy vEthStrategy = AbstractStrategyvEthAddress; uint256...

6.9AI score
Exploits0
Rows per page
Query Builder