7 matches found
Upgraded Q -> 2 from #165 [1699030252844]
Judge has assessed an item in Issue 165 as 2 risk. The relevant finding follows: Allowed user have too much priviledge Links to affected code Impact Allowed user can revoke approval of other allowed address. Proof of Concept The allowed user can allow other user. If allowed address is compromised...
closeMarket() can only be called by the market controller but the controller has no function to close a market.
Lines of code Vulnerability details Description Due to the restriction on the closeMarket function, only the controller is able to use it, but the controller contract has no way to call it. Impact Since the borrower becomes unable to close a market once it opened, it becomes a big issue as the...
[M-17] Reentrancy in the BranchBridgeAgent contract
Lines of code Vulnerability details Impact In a Re-entrancy attack, a malicious contract calls back into the calling contract before the first invocation of the function is finished. This may cause the different invocations of the function to interact in undesirable ways, especially in cases wher...
Test manage-findings update with new cors
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- The...
No slippage control for deposit() with the impact that a user deposits with expected high bond price might end up a deposit with the lowest bond price.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. There is no slippage control for deposit. Impact: a user deposits with expected high bond price might end up a deposit with the lowest bond price. Scenario: a depositor waits for the end of an epoch,...
Protocol faces truncation issue in some places due to solidity integer division
Lines of code Vulnerability details Impact UniswapOracleFundingRateController.sol : periodRatio , targetMarkRatio - less multiplier output than the actual value that is possible. EDAPrice.sol: again the final outcome affects the multiplier. Please refer the code link in POC. PaprController.sol:...
Harvest: CSRF token fixation in Sign in with Google
Hi There is CSRF token fixation in Sign in with Google at https://id.getharvest.com/sessions/new The state parameter is same for any time login https://id.getharvest.com/oauth2/callback?state=%7B%22intent%22:%22sign-in%22%7D&code=code Steps to reproduce 1. Go to...