2 matches found
Malicious code in @ikea-aoa/component-price-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7f7e0211ea2009802ec566e645d03e557dda0a2f62f2546df574ab757ab095d2 The OpenSSF Package Analysis project identified '@ikea-aoa/component-price-module' @ 99.0.1 npm as malicious. It is considered malicious because...
The _movingAverage always have the same value as _movingAverage + (currentPrice / numObs)
Lines of code Vulnerability details Impact On updateMovingAverage the calculate new moving average is always movingAverage == movingAverage + currentPrice / numObs Proof of Concept 1- keeper invoke beat on Heart.sol 2- this PRICE.updateMovingAverage; to updating the moving average on the Price...