3 matches found
Zed Attack Proxy 2.17.0 Cross Platform Package
The Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testin...
Lack of Deadline Protection in Key Functions Poses Potential Exploits
Lines of code Vulnerability details Impact The absence of a deadline parameter in key function calls within the EvolvingProteus contract poses a significant vulnerability. Transactions that stay pending in the mempool due to outdated slippage could be executed at a much later time than initially...
EXTERNAL CALL TO UNTRUSTED PARTIES
Lines of code Vulnerability details Impact Functions in this contract or inherited functions can be reentered. Proof of Concept In Vault.sol the withdrawAVAX and redeemAVAX functions make an external call to the msg.sender by way of safeTransferETH. This allows the caller to reenter this and othe...