4 matches found
DoS after creating 100 raffles under one subscriptionID
Lines of code Vulnerability details Impact If a user adds new consumer, function VRFCoordinatorV2::addConsumer is called: function addConsumeruint64 subId, address consumer external override onlySubOwnersubId nonReentrant // Already maxed, cannot add any more consumers. if...
Draw organizer can rig the draw to favor certain participants such as their own account.
Lines of code Vulnerability details Description In RandomDraw, the host initiates a draw using startDraw or redraw if the redraw draw expiry has passed. Actual use of Chainlink oracle is done in requestRoll: request.currentChainlinkRequestId = coordinator.requestRandomWords keyHash:...
MAL-2022-6345 Malicious code in subscriptionid-apiversion (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5684f785ef82c798934c88950970276b80b0e16123d2b98b62fc04c4befbdc0d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in subscriptionid-apiversion (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5684f785ef82c798934c88950970276b80b0e16123d2b98b62fc04c4befbdc0d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...