Lucene search
K

4 matches found

Code423n4
Code423n4
added 2024/01/08 12:0 a.m.15 views

Miscalculation of OLAS Amount Due to Inaccurate LP Token Price in Specific Bonding Mechanism Scenarios

Lines of code Vulnerability details Impact Incorrect valuation of the LP Token price can result in either an excess issuance of OLAS Tokens, causing a loss to the protocol, or a lower issuance of OLAS Tokens, leading to losses for the user. Proof of Concept The prototype of the create function in...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/30 12:0 a.m.11 views

Reth flashloan attack

Lines of code Vulnerability details Impact Using a flashloan to manipulate rETH/ETH price a hacker can receive more SafEth shares for the same amount of ether, thus draining all three derivative contracts rETH, SfrxEth and WstEth. Proof of Concept Reth.poolPrice depends on UniswapV3 pool.slot0...

6.6AI score
Exploits0
Github Security Blog
Github Security Blog
added 2021/10/19 3:28 p.m.48 views

Specification non-compliance in JUMPI

Impact In evm crate 0.31.0, JUMPI opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. Patches This is a high severity security advisory if you use evm crate for...

9.8CVSS9.4AI score0.00995EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/10/18 9:0 p.m.59 views

CVE-2021-41153 Specification non-compliance in JUMPI

The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In evm crate 0.31.0, JUMPI opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. This is a...

8.7CVSS9.8AI score0.00995EPSS
Exploits0References2
Rows per page
Query Builder