12 matches found
Information Disclosure
github.com/authzed/spicedb is vulnerable to Information Disclosure. The vulnerability is due to the exclusion operator in the authorization schema, where a large payload can cause the WriteRelationships call to fail silently, and incorrect permission check results are returned, allowing attackers...
A Practical Solution to Systematically Monitor Inconsistencies in SBOM-Based Vulnerability Scanners
Software Bill of Materials (SBOM) provides new opportunities for automated vulnerability identification in software products. While the industry is adopting SBOM-based Vulnerability Scanning (SVS) to identify vulnerabilities, we increasingly observe inconsistencies and unexpected behavior that resul...
The values for strategyIndexes are not enforced
Lines of code Vulnerability details Proof of Concept strategyIndexes is used to indicate which strategies the caller will withdraw 100% of his shares, but it can contain any value when calling StrategyManager.queueWithdrawal and StrategyManager.slashShares. These two functions will reuse...
SUSE CVE-2021-28692
inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPUs issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead, the issuing CPU...
Use safeTransferFrom instead of transferFrom()
Lines of code Vulnerability details Impact Although the ERC20 standard suggests that a transfer should return true on success, there are tokens that don't comply with this. Therefore, the transferFrom call might cause silent failures and will affect the token accounting in this contract. Proof of...
Use safetransfer/safetransferFrom instead of transfer/transferFrom in ERC20
Lines of code Vulnerability details Impact It is good to check the return value of token transfers using safeTransfer or safeTransferFrom from OpenZeppelin to ensure the token reverts on transfer failure. Failure to do so will cause silent failures of transfer and affect token accounting in contrac...
Use safetransfer/safetransferFrom consistently instead of transfer/transferFrom
Lines of code Vulnerability details Impact It is good to add a require statement that checks the return value of token transfers, or to use safeTransfer or safeTransferFrom from OpenZeppelin to ensure the token reverts on transfer failure. Failure to do so will cause silent failures of transfer and affec...
Unchecked Return Value for transfer & transferFrom call
Lines of code Vulnerability details Impact It is good to add a require statement that checks the return value of token transfers or to use something like OpenZeppelin’s safeTransfer/safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so will cause silen...
Use safeTransferFrom consistently instead of transferFrom
Handle Jujic Vulnerability details Impact It is good to add a require statement that checks the return value of token transfers, or to use something like OpenZeppelin’s safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so will cause silent failures of...
Use safeTransfer/safeTransferFrom consistently instead of transfer/transferFrom
Handle defsec Vulnerability details Impact It is good to add a require statement that checks the return value of token transfers or to use something like OpenZeppelin’s safeTransfer/safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so will cause silen...
Unchecked token transfers
Handle Lucius Vulnerability details Impact The functions transferFrom/transfer do not revert on failure and instead simply return false. Without checks on the return values, the transfers could potentially fail silently, allowing unexpected issues with certain token pools. E.g., if a user calls depos...
Use safeTransfer/safeTransferFrom consistently instead of transfer/transferFrom
Handle 0xRajeev Vulnerability details Impact It is good to add a require statement that checks the return value of token transfers or to use something like OpenZeppelin’s safeTransfer/safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so will cause...