2 matches found
Missing slippage control when directly interacting with the VotiumStrategy contract
Lines of code Vulnerability details Summary Direct deposits and withdrawals within VotiumStrategy lack any slippage controls, which opens up the possibility of sandwich attacks and Miner Extractable Value MEV exploits. Impact Interactions in the AfEth protocol often require the exchange of ETH fo...
_harvest has no slippage protection when swapping auraBAL for AURA
Lines of code Vulnerability details Impact Single swaps of harvest contains no slippage or deadline, which makes it vulnerable to sandwich attacks, MEV exploits and may lead to significant loss of yield. Proof of Concept When using BALANCERVAULT.swap here and here, there is no slippage protection...