7 matches found
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
[H-01] Ocean contract and onERC1155Received function is vulnerable to read only reentrancy
Lines of code Vulnerability details Impact The Ocean contract and onERC1155Received function is vulnerable to read only reentrancy when read from another contract. The order of function execution when called externally from the onERC1155Received function in the Ocean contract is as follows. The...
Upgraded Q -> 2 from #26 [1693915911684]
Judge has assessed an item in Issue 26 as 2 risk. The relevant finding follows: Curve Read-only Reentrancy can increase the price of some CurveStableCollateral --- The text was updated successfully, but these errors were encountered: All reactions...
Read-only reentrancy is possible
Lines of code Vulnerability details Impact The agToken might be minted wrongly as rewards due to the reentrancy attack. Proof of Concept There are redeem/swap logics in the transmuter contract and all functions don't have a nonReentrant modifier. So the typical reentrancy attack is possible durin...