6 matches found
Malicious code in pause-function (npm)
The package pause-function was found to contain malicious code...
brick-node (>=0.0.0 <=0.0.17), change-object (=0.0.0) +9 more potentially affected by unknown CVE via pause-function (=0.0.1)
pause-function NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on pause-function and may be impacted: - brick-node =0.0.0, =1.16.0, =0.0.0, =1.0.1 - stream-format =0.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-28923...
MAL-2025-28923 Malicious code in pause-function (npm)
The package pause-function was found to contain malicious code...
To protect the contract in case of hacking or detection of incorrect operation, it is necessary to add pause and blacklist functions
Lines of code Vulnerability details Impact Cases of hacking and self-identification of errors in contact often occur. To protect the contract in such a case, the pause and blacklist functions in the contract are usually used. This would provide protection for the DelegateToken.sol contract in cas...
Vulnerability in Pause Function
Lines of code Vulnerability details Impact An attacker can exploit this vulnerability by setting any value as the new paused status code, which can allow the attacker to circumvent the pausing restrictions and carry out unauthorized actions on the contract. This can lead to significant consequenc...
Price manipulation attack
Lines of code Vulnerability details Impact The PriceFeed.sol was marked OOS but I believe this to be a valid issue. If the chainlink feed fails which is does from time to time, the Tellor price feed takes over no matter what the delta is compared to the chainlink price. This is an issue because t...