Lucene search
+L

8 matches found

Code423n4
Code423n4
added 2023/03/20 12:0 a.m.8 views

[term-fix] Mitigation Error

Lines of code Vulnerability details Note - The term refactoring has been made for the following reason: Our main KIBT is intended to be backed by 1-year treasury bill tokens, however, a bond issued on 1 Jan 2023 does not have the same amount of seconds compared to a 1-year treasury bill issued on...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/02/22 12:0 a.m.11 views

KUMASwap.buyBond() is vulnerable to being used for reentry attacks

Lines of code Vulnerability details Impact KUMASwap.buyBond could be exploited for some kind of reentry attack now or in the future Proof of Concept KUMASwap.buyBond may trigger a callback to the sender's contract before the following statements being executed: updateMinCoupon;...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/22 12:0 a.m.11 views

Multiple KBCTokens can be minted fir single KUMABondToken id.

Lines of code Vulnerability details Impact The KUMASwap.buyBond mints KBCTokens clone token for every KUMABondToken whose bondFaceValue is greater than realizedBondValue. function buyBonduint256 tokenId external override whenNotPaused whenNotDeprecated IKUMAAddressProvider KUMAAddressProvider =...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/22 12:0 a.m.11 views

KUMASwap.buyBond :- Clone token + KUMABondToken transfer for a single KUMABondToken id.

Lines of code Vulnerability details Impact The KUMASwap.buyBond mints KBCTokens clone token for every KUMABondToken whose bondFaceValue is greater than realizedBondValue. If bondFaceValue is not greater than realizedBondValue a simple KUMABondToken transfer is done to the caller. function...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/22 12:0 a.m.9 views

KUMASwap.buyBond() is vulnerable to being used for reentry attacks

Lines of code Vulnerability details Impact KUMASwap.buyBond could be exploited for some kind of reentry attack now or in the future Proof of Concept KUMASwap.buyBond may trigger a callback to the sender's contract before the following statements being executed: updateMinCoupon;...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/21 12:0 a.m.16 views

KIBToken._transfer() did not correctly handle the case where from is the same as to

Lines of code Vulnerability details Impact Hackers can obtain any number of KIB tokens out of thin air. Using the stolen KIB tokens, the hacker could steal all the bonds in the KUMASwap by calling KUMASwap.buyBond, or steal all the deprecationStableCoin in the KUMASwap by calling...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/21 12:0 a.m.9 views

Price feed in MCAGRateFeed#getRate is not sufficiently validated and can return stale price

Lines of code Vulnerability details Impact MCAGRateFeedgetRate may return stale data Proof of Concept , int256 answer,,, = oracle.latestRoundData; Classic C4 issue. getRate only uses answer but never checks the freshness of the data, which can lead to stale bond pricing data. Stale pricing data c...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/21 12:0 a.m.13 views

KUMASwap incorrectly reverts when when _maxCoupons has been reached

Lines of code Vulnerability details Impact Selling bonds with coupons that are already accounted will fail unexpectedly Proof of Concept if coupons.length == maxCoupons revert Errors.MAXCOUPONSREACHED; The above lines will cause ALL bonds sales to revert when coupons.length has reached maxCoupons...

6.8AI score
Exploits0
Rows per page
Query Builder