2 matches found
The signature "V" length is not checked in castApprovalBySig, CastDisapprovalBySig & createActionBySig
Lines of code Vulnerability details Impact The length of the "v" value in the signatures is not checked. V must correspond according to ECDSA principles values of either 27 or 28. Not checking this will result in an attacker crafting a malicious v value and bypassing any checks, withdrawing funds...
[ H ] No Validation checks for "v" signature in castApprovalBySig
Lines of code Vulnerability details Impact V must correspond according to ECDSA principles values of either 27 or 28. Not checking this will result in an attacker crafting a malicious v value and bypassing any checks, withdrawing funds or accessing the function maliciously. Proof of Concept Craft...