Lucene search
K

17 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/28 2:50 a.m.6 views

Malicious code in solhint-plugin-lido-csm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4e1653573c57f50f3e9d72fc8293e9051133742e8ea749ca7dda26c7eb89375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/07/28 2:50 a.m.5 views

MAL-2025-6333 Malicious code in solhint-plugin-lido-csm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4e1653573c57f50f3e9d72fc8293e9051133742e8ea749ca7dda26c7eb89375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/12/10 1:40 p.m.4 views

MAL-2024-12153 Malicious code in lido-on-ethereum (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a3bb60770096d192fa10be6d8db3cb1a517989c512244db517590cf115f7a69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/10 1:40 p.m.2 views

Malicious code in lido-on-ethereum (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a3bb60770096d192fa10be6d8db3cb1a517989c512244db517590cf115f7a69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/10/16 1:1 p.m.3 views

MAL-2024-9689 Malicious code in lido-mev-monitoring (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/16 1:1 p.m.4 views

Malicious code in lido-mev-monitoring (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/16 1:1 p.m.3 views

Malicious code in lido-council-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99bf57f31f9431fe457ef726885325190325ba8e48b1adc3b4c0b599405554b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2024/10/16 1:1 p.m.4 views

MAL-2024-9688 Malicious code in lido-council-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99bf57f31f9431fe457ef726885325190325ba8e48b1adc3b4c0b599405554b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
Code423n4
Code423n4
added 2023/05/08 12:0 a.m.13 views

Mitigation of M-05: Issue not mitigated, mitigation errors

MITIGATION IS NOT CONFIRMED MITIGATION IS NOT CONFIRMED Mitigation of M-05: Issue not mitigated, mitigation errors Link to Issue: code-423n4/2023-03-asymmetry-findings812 Comments The issue describes missing checks associated with staking requirements for the WstEth and Reth derivative. The...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/25 9:56 a.m.2 views

Malicious code in lido-dao-test-dp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b3cda81343e26318448ae8ce053a04b74276f2e99a2af6cdb288720e87fa6e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/07/25 9:56 a.m.4 views

MAL-2022-4305 Malicious code in lido-dao-test-dp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b3cda81343e26318448ae8ce053a04b74276f2e99a2af6cdb288720e87fa6e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Snyk
Snyk
added 2022/07/22 8:9 a.m.1 views

Malicious Package

Overview lido-dao-test-dp is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

9.8CVSS7.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/18 1:58 p.m.4 views

Malicious code in lido-cosmos-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91c734ea9798aa522386257ac88af574161a623f65bb9aa4931503a3b2d26bb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/07/18 1:58 p.m.8 views

MAL-2022-4304 Malicious code in lido-cosmos-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91c734ea9798aa522386257ac88af574161a623f65bb9aa4931503a3b2d26bb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Snyk
Snyk
added 2022/07/17 8:8 a.m.3 views

Malicious Package

Overview lido-cosmos-docs is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

9.8CVSS7.1AI score
Exploits0References3
Code423n4
Code423n4
added 2022/05/15 12:0 a.m.11 views

Lido adapter incorrectly calculates the price of the underlying token

Lines of code Vulnerability details Impact The Lido adapter incorrectly calculates the price of WETH in terms of WstETH. The function returns the price of WstETH in terms of stETH. The underlying token which we desire is WETH. Since stETH does not have the same value as WETH the output price...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/15 12:0 a.m.11 views

User may lose ETH when depositing stETH

Lines of code GeneralVault.solL75-L89 LidoVault.solL79-L104 Vulnerability details Impact When the depositCollateral function is used in the LidoVault.sol contract, a user depositing stETH may mistakenly have a non-zero msg.value. The ETH would be passed to the contract and the user would lose tha...

6.8AI score
Exploits0
Rows per page
Query Builder