CVE-2023-34234 Governor proposal creation may be blocked by frontrunning in OpenZeppelin

OpenZeppelin Contracts is a library for smart contract development. By frontrunning the creation of a proposal, an attacker can become the proposer and gain the ability to cancel it. The attacker can do this repeatedly to try to prevent a proposal from being proposed at all. This impacts the...

Attacker can DOS OptimisticListing with very low cost

Lines of code Vulnerability details Impact The only check on a new proposal is that it is priced lower than the existing proposal. It does not constrain on the collateral supplied except it will revert in verifyBalance if set to 0. Anyone can block normal proposal creation by creating a proposal...