Lucene search
K

7 matches found

Packet Storm News
Packet Storm News
added 2025/05/25 12:0 a.m.5 views

A Quantitative Notion of Economic Security for Smart Contract Compositions

Decentralized applications are often composed of multiple interconnected smart contracts. This is especially evident in DeFi, where protocols are heavily intertwined and rely on a variety of basic building blocks such as tokens, decentralized exchanges and lending protocols. A crucial security...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/12/20 12:0 a.m.12 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/19 12:0 a.m.14 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/19 12:0 a.m.10 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/12/19 12:0 a.m.16 views

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/09/29 12:0 a.m.6 views

Miscalculation of _supplyCreditUni allows undercollateralized loan

Handle WatchPug Vulnerability details In supplyCreditUni, the calculation of the collateral value of tokenB supply is using priceB instead of priceA, which can lead to undercollateralized loans. function supplyCreditUni address account, address returnToken, uint priceA, uint priceB, uint...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/05/04 12:0 a.m.6 views

UniswapConfig getters return wrong token config if token config does not exist

Handle @cmichelio Vulnerability details Vulnerability Details The UniswapConfig.getTokenConfigBySymbolHash function does not work as getSymbolHashIndex returns 0 if there is no config token for that symbol uninitialized map value, but the outer function implements the non-existence check with -1...

6.8AI score
Exploits0
Rows per page
Query Builder