2 matches found
The LiquidityManager.pairMintCallback() might be exploited to steal funding from another user when the factory contract is compromised.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The LiquidityManager.pairMintCallback might be exploited to steal funding from another user due to three issues: 1. LiquidityManager.pairMintCallback is a callback function for the addLiquidity, which...
[WP-H30] A malicious/compromised Registry or Factory admin can drain all the funds from the Vault contracts
Handle WatchPug Vulnerability details modifier onlyMarket require IRegistryregistry.isListedmsg.sender, "ERRORONLYMARKET" ; ; function borrowValueuint256 amount, address to external onlyMarket override debtsmsg.sender += amount; totalDebt += amount; IERC20token.safeTransferto, amount; The current...