2 matches found
CVE-2023-38335
Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis libraries "always private" - this is supposed to be an irreversible operation. However, due to implementation issues, "always private" Omnis libraries can be opened by the Omnis Studio browser by bypassin...
Lack of method to delete a rewardsDistributor in Comptroller.sol can break rewards distribution permanently
Lines of code Vulnerability details Proof of Concept The storage array rewardsDistributors will be used to distribute the rewards across the hooks in Comptroller.sol, namely preMintHook, preRedeemHook, preBorrowHook, preRepayHook, preSeizeHook and preTransferHook We can see addRewardsDistributor...