4 matches found
transferFees forwards liquidityPosition without storage
Lines of code Vulnerability details Impact Currently, the transferFees function assigns in line 196 the following: liquidityPosition = pool.liquidityPositionsto; which is not a storage pointer. Proof of Concept Due to the missing storage pointer, update and mintFees functions will simply change t...
SWC-109 Uninitialized Storage Pointer
Lines of code Vulnerability details Impact Uninitialized storage variables can point to unexpected storage locations. Proof of Concept // Exploitable Vulnerability MemoryPointer callData; Tools Used github Recommended Mitigation Steps // Initialize variable "callData" or set the storage attribute...
SWC-109 Uninitialized Storage Pointer
Lines of code Vulnerability details Impact Uninitialized local storage variables can point to unexpected storage locations in the contract, which can lead to intentional or unintentional vulnerabilities. Proof of Concept Exploit Vulnerability OrderStatus storage orderStatus; Tools Used github...
withdrawBounty the same bounty multiple times
Handle pauliax Vulnerability details Impact The same bounty can be claimed multiple times as it remains active. 'bounty' points to the memory variable, so its state is not persisted: Bounty memory bounty = bountiesbountyIdsi; requirebounty.active; IERC20bounty.token.transfermsg.sender,...