9 matches found
DepositPool is susceptible to the inflation attack
Lines of code Vulnerability details Summary The DepositPool contract is susceptible to the Inflation Attack, in which the first depositor can be front-runned by an attacker to steal their deposit. Impact The DepositPool pool contract acts mainly as a vault: accounts deposit LST assets and get bac...
getAssetPrice in ChainlinkPriceOracle.sol can return stale price.
Lines of code Vulnerability details Summary On chainlink oracle for every pair of tokens price updating time is different. After that particular time the price will be updated. getAssetPrice function is not checking when the last time the price was updated. So it may return stale price . So the...
Biased rsETH price calculation in depositAsset results in lesser rsETH minted to user
Lines of code Vulnerability details Impact The LRTDepositPool acts as a simplified vault allowing restakers to transfer their liquid staked tokens and receive rsETH tokens based on the current rsETH exchange rate. rsETH are minted to user by interacting with depositAsset function of LRTDepositPoo...
setDirectPrice is vulnerable to sandwich attack
Lines of code Vulnerability details Impact In ChainlinkOracle.sol we have setDirectPrice: function setDirectPriceaddress asset, uint256 price external onlyAdmin emit PricePostedasset, pricesasset, price, price; pricesasset = price; This function setDirectPrice allows the admin...
Uniswap / Sushiswap prices can be manipulated through flashloans
Handle cmichel Vulnerability details The UniswapV2CSSR.getExchangeRatio uses the current reserve to derive the exchange ratio. The fact that it mixes in historic data does not matter because it still uses the current reserves which can be manipulated through flashloans in currentPriceCumulative...
.latestRoundData() does not update the oracle - ExchangeRate.sol
Handle tensors Vulnerability details Impact The method .latestRoundData on an oracle returns the latest updated price from the oracle, but this is not the current price of an asset. To get an accurate current price you need to query it by calling the oracle and waiting for a callback to fulfill t...
Prevent markets getting stuck when prices don't move
Handle gpersoon Vulnerability details Impact Suppose there is a synthetic token where the price stays constant, for example: synthetic DAI with a payment token of DAI the price will not move binary option token for example tracking the USA elections; after the election results there will be no mo...
CVE-2019-20809
The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 through 2.0 allows a price poster to set an invalid asset price via the setPrice function, and consequently violate the intended limits on price swings...
CVE-2019-20809
CVE-2019-20809 affects Compound Finance’s PriceOracle.sol (Compound Price Oracle 1.0–2.0). A price poster can call setPrice to set an invalid asset price, violating intended swing limits and potentially manipulating downstream pricing. Exploitation details are not provided in the connected docume...