6 matches found
CVE-2023-30542
OpenZeppelin Contracts is a library for secure smart contract development. The proposal creation entrypoint propose in GovernorCompatibilityBravo allows the creation of proposals with a signatures array shorter than the calldatas array. This causes the additional elements of the latter to be...
The Treasury.sol contract changes the address for the different manager contract in one function call.
Lines of code Vulnerability details Impact In a case where either one of the manager addresses the tokenomics, depositiory or dispenser contracts are compromised or deprecated, attempting to replace the compromised manager contract address necessitates an overall replacement of all the other...
changeRegistries() from the Tokenomics contract changes different registries at the same time.
Lines of code Vulnerability details Impact In a case where either one of the agent, component or service registry are deprecated, attempting to replace the compromised registry necessitates an overall replacement of all the other registries. This not only utilizes excess gas but can also bring...
High - TemporalGovernor.sol - Malicious Governance Propsoals can interact with Metamorphic Contracts resulting in Business Critical Risk to the Protocol
Lines of code Vulnerability details High - TemporalGovernor.sol - Malicious Governance Propsoals can interact with Metamorphic Contracts resulting in Business Critical Risk to the Protocol Impact Due to the permisionless governance execution method, with no ascribed or implemented security...
GHSA-M6W8-FQ7V-PH4M GovernorCompatibilityBravo incorrect ABI encoding may lead to unexpected behavior
Impact The GovernorCompatibilityBravo module may lead to the creation of governance proposals that execute function calls with incorrect arguments due to bad ABI encoding. This happens if the proposal is created using explicit function signatures, e.g. a proposal to invoke the function foouint256...
GovernorCompatibilityBravo incorrect ABI encoding may lead to unexpected behavior
Impact The GovernorCompatibilityBravo module may lead to the creation of governance proposals that execute function calls with incorrect arguments due to bad ABI encoding. This happens if the proposal is created using explicit function signatures, e.g. a proposal to invoke the function foouint256...