5 matches found
BigBang liquidations causes YieldBox-tokens to be locked in contract
Lines of code Vulnerability details Impact When a position gets liquidated in BigBang the contract will receive YieldBox-assetId-tokens of which some are sent to the liquidator and penrose-fee-receiver. The rest will get stuck in the contract and cannot be claimed as fees in refreshPenroseFees...
Setting debtStartPoint > 0 breaks many BigBang actions
Lines of code Vulnerability details Impact If BigBang.debtStartPoint is set to a value 0, many core features will break, e.g. deposits of collateral will be possible, but removal not, which would effectively lock collateral inside the contract. Proof of Concept BigBang.getDebtRate uses the variab...
bigbang (>=0.0.6 <=0.0.9), bruteforus (=0.1.0) +8 more potentially affected by CVE-2020-36463 via multiqueue (=0.3.2)
multiqueue CARGO version =0.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on multiqueue and may be impacted: - bigbang =0.0.6, =0.1.0, =0.1.8, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.1.6, =0.2.0, =0.5.0 Source cves: CVE-2020-36463 Source advisory:...
bigbang (>=0.0.6 <=0.0.9), bruteforus (=0.1.0) +8 more potentially affected by CVE-2020-36463 via multiqueue (=0.3.2)
multiqueue CARGO version =0.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on multiqueue and may be impacted: - bigbang =0.0.6, =0.1.0, =0.1.8, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.1.6, =0.2.0, =0.5.0 Source cves: CVE-2020-36463 Source advisory:...
BIGBANG SHAKE - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application BIGBANG SHAKE published at the 'play' market has multiple vulnerabilities...