7 matches found
latestAnswer() may return stale values
Lines of code 121, 122, 123, 124, 51 Vulnerability details latestAnswer only returns the latest answer or zero, and thus there is no way to tell whether the value is stale or not. Use latestRoundData instead, and check whether the latest timestamp is within your protocol's limits. File:...
Usage return instead revert
Lines of code Vulnerability details Impact Usage return instead revert Proof of Concept Tools Used Recommended Mitigation Steps Use revert with correct error.
taetaw
Lines of code L1 Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- Th...
A US Propaganda Operation Hit Russia and China With Memes
Plus: An Iranian hacking tool steals inboxes, LastPass gets hacked, and a deepfake scammer targets the crypto world...
TEST
Lines of code L1 Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- Th...
Upgraded Q -> H from 207 [1656344605107]
Judge has assessed an item in Issue 207 as High risk. The relevant finding follows:
Code injection
The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher...