3 matches found
No reentrancy guards on functions using .call
Handle jayjonah8 Vulnerability details Impact In BridgeMinter.sol the migrateToNewMinter and withdrawETHToL1Migrator both use the .call function without adding reentrancy guard modifiers to the functions. This is important when using .call as functions can be reentered before execution is complet...
Reentrancy vulnerability allows attacker to steal underlying tokens with withdraw
Handle harleythedog Vulnerability details Impact The withdrawDeposit function has the following code which runs before the underlying tokens are transferred to the to address: if isIntegrationclaim.beneficiary bytes4 ret = IIntegrationclaim.beneficiary.onDepositMinted tokenId, newShares, claim.da...
Reentrancy vulnerability allows attacker to gain more shares than deserved
Handle harleythedog Vulnerability details Impact In Vault.sol, the deposit function is the external function that allows transferring underlying tokens to mint position NFTs. The deposit function first calls createDeposit which creates the position/determines how many shares to allocate, and then...