Improper Input Validation

@fuel-ts/account is vulnerable to Improper Input Validation. The vulnerability is caused due to the fund function in fuels-ts/packages/account/src/account.ts which gets the needed resources statelessly with the function getResourcesToSpend without taking into consideration already used UTXOs. Thi...

CVE-2024-41945

The fuels-ts vulnerability centers on the fund function in fuels-ts/packages/account/src/account.ts, which gathers needed UTXOs using getResourcesToSpend without excluding already used UTXOs. This stateless approach can yield inputs that become invalid within the same block, causing transactions ...

fuels-ts 输入验证错误漏洞

fuels-ts is an open source library from Fuel Labs that interacts with Fuel v2. An input validation error vulnerability exists in fuels-ts, which is caused by the "fund" function in "fuels-ts/packages/account/src/account.ts" that uses the function The "getResourcesToSpend" function in...

CommunityIssuance.sol – Stability pool can manipulate time stamps with the fund function to issue more oath than appropriate.

Lines of code Vulnerability details If lastDistributionTime is set to a date in the future, it would allow the issueOath function to continue to mint tokens even after it should have stopped. This is because the if statement in issueOath checks whether the current time is greater than...