3 matches found
Upgraded Q -> 2 from #55 [1693255720314]
Judge has assessed an item in Issue 55 as 2 risk. The relevant finding follows: If we take a look at the EIP712 standard it states the following The array values are encoded as the keccak256 hash of the concatenated encodeData of their contents i.e. the encoding of SomeType5 is identical to that ...
Inconsistent encoding of arrays in MetaTxLib
Lines of code Vulnerability details Bug Description According to the EIP-712 specification, arrays are encoded by concatenating its elements and passing the result to keccak256: The array values are encoded as the keccak256 hash of the concatenated encodeData of their contents i.e. the encoding o...
sequelize SQL Injection Vulnerability
sequelize is a database ORM Object Relational Mapping tool for Node.js. An SQL injection vulnerability exists in sequelize 3.19.3 and earlier versions, which originates when the program uses an array as a string and fails to encode it correctly. The vulnerability can be exploited to remove IDs wi...