Lucene search
+L

7 matches found

code423n4
code423n4
added 2023/12/20 12:0 a.m.12 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
code423n4
code423n4
added 2023/12/19 12:0 a.m.10 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
code423n4
code423n4
added 2023/12/12 12:0 a.m.5 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
code423n4
code423n4
added 2023/12/12 12:0 a.m.9 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
code423n4
code423n4
added 2023/12/08 12:0 a.m.16 views

[H-01] Ocean contract and onERC1155Received function is vulnerable to read only reentrancy

Lines of code Vulnerability details Impact The Ocean contract and onERC1155Received function is vulnerable to read only reentrancy when read from another contract. The order of function execution when called externally from the onERC1155Received function in the Ocean contract is as follows. The...

7AI score
Exploits0
code423n4
code423n4
added 2023/09/05 12:0 a.m.9 views

Upgraded Q -> 2 from #26 [1693915911684]

Judge has assessed an item in Issue 26 as 2 risk. The relevant finding follows: Curve Read-only Reentrancy can increase the price of some CurveStableCollateral --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
code423n4
code423n4
added 2023/07/07 12:0 a.m.14 views

Read-only reentrancy is possible

Lines of code Vulnerability details Impact The agToken might be minted wrongly as rewards due to the reentrancy attack. Proof of Concept There are redeem/swap logics in the transmuter contract and all functions don't have a nonReentrant modifier. So the typical reentrancy attack is possible durin...

6.7AI score
Exploits0
Rows per page
Query Builder