3 matches found
ERC20 approvals may need to be set to 0 beforehand
Lines of code Vulnerability details Impact There are some instances where there is an ERC20 approval for a max uint256 amount. ERC20 tokens such as USDT require the address allowance to be set to 0 beforehand, so this would cause reverts for those tokens. Proof of Concept -Token such as USDT gets...
Seaport proxy is missing ERC20 approval, so it can't buy any order that is listed using an ERC20
Lines of code Vulnerability details Impact Seaport proxy is missing ERC20 approval, so it can't buy any order that is listed using an ERC20. Proof of Concept function execute BasicOrder calldata orders, bytes calldata ordersExtraData, bytes calldata extraData, address recipient, bool isAtomic,...
VaderPoolV2 owner can steal all user assets which are approved VaderPoolV2
Handle TomFrenchBlockchain Vulnerability details Impact Possible theft of all user assets with an ERC20 approval on VaderPoolV2 Proof of Concept The owner of VaderPoolV2 can call the setTokenSupport function which allows the caller to supply any address from which to take the assets to provide th...