2 matches found
[H-02] The Ocean contract and the onERC721Received function is vulnerable to read-only re-entrancy
Lines of code Vulnerability details Impact The contract.function called Ocean.onERC721Received is vulnerable to read-only re-entrancy. The read-only re-entrancy is possible if the contract function is called externally from another contract. What follows are the functions that are traversed throu...
Allowance not updated correctly
Lines of code Vulnerability details Impact allowance doesn't get updated properly therefore an attacker contract can exploit the token contract by transferring some tokens and still spend the same amount of allowance. Here are the steps: calling approve function from ERC20.sol with the spender...