Signature Validation Bypass in 'permit' Function of MarketERC20.sol

Lines of code Vulnerability details Description The 'MarketERC20.sol' contract contains a critical vulnerability in the 'permit' function, where insufficient signature validation allows for bypassing the authentication process. This loophole enables attackers to manipulate the function by providi...

CVE-2022-35961

OpenZeppelin Contracts (ECDSA.recover and ECDSA.tryRecover) suffer signature malleability due to acceptance of EIP-2098 compact signatures in the single-bytes variants (not when using r, v, s or r, vs). This could allow a reused/double-submitted signature to bypass replay protection in contracts ...