Lucene search
+L

10 matches found

Code423n4
Code423n4
added 2024/01/08 12:0 a.m.17 views

Miscalculation of OLAS Amount Due to Inaccurate LP Token Price in Specific Bonding Mechanism Scenarios

Lines of code Vulnerability details Impact Incorrect valuation of the LP Token price can result in either an excess issuance of OLAS Tokens, causing a loss to the protocol, or a lower issuance of OLAS Tokens, leading to losses for the user. Proof of Concept The prototype of the create function in...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.19 views

The protocol uses IRouter01 from Uniswap, which should not be used anymore because of a bug found in the code

Lines of code Vulnerability details Impact The protocol implements Router01 from UniswapV2 to do any swaps of tokens in OptionsPositionManager.sol, but Router01 is deprecated and bugged and should not be used anymore. Proof of Concept As can be seen in the UniswapV2 documentation Router01 should...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/19 12:0 a.m.10 views

Early user can break the minting of LP Tokens

Lines of code Vulnerability details Impact The attack vector is the same as TOB-YEARN-003, where users may not receive liquidity tokens in exchange for their baseTokenAmount and fractionalTokenAmount deposited if the total baseTokenAmount has been manipulated through a large “donation”. In the...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/19 12:0 a.m.12 views

Incorrect rounding in buyQuote

Lines of code Vulnerability details The function buyQuote present in the Pair contract is used to calculate the amount of base tokens required to buy a given amount of fractional tokens. function buyQuoteuint256 outputAmount public view returns uint256 return outputAmount 1000 baseTokenReserves /...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/19 12:0 a.m.11 views

User will often overpay when adding liquidity

Lines of code Vulnerability details Impact One of the assets either baseTokens or fractionalTokens will likely be overpaid when the user calls Pair.add liquidity. Proof of Concept The Pair.add function takes baseTokenAmount, fractionalTokenAmount and minLpTokenAmount as inputs. The first two...

6.7AI score
Exploits0
OSV
OSV
added 2022/10/31 5:7 a.m.3 views

MAL-2022-691 Malicious code in @uniswapv2/mempool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 757bc76cb718365caf2a86ab75367434d84cf67593c31497d74ed11eb494d86e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Code423n4
Code423n4
added 2022/04/12 12:0 a.m.11 views

Can steal yVault deposits due to bad initial shares calculation

Lines of code Vulnerability details Impact The yVault.deposit function mints initial shares equal to the deposited amount. The deposit / withdraw functions also use the balance, which includes the contract balance token.balanceOfaddressthis, to compute the shares. It's possible to increase the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/19 12:0 a.m.5 views

Lacking slippage protection in RebalanceManagerV3

Handle p4st13r4 Vulnerability details Impact In RebalanceManagerV3 calls to UniswapV2-like router is lacking slippage protection exposing the rebalance process to front-running attacks. Proof of Concept Tools Used Editor Recommended Mitigation Steps Consider adding a minOutput to...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/15 12:0 a.m.13 views

No slippage tolerance checks during swap functions opens up flashloan attacks and price manipulation

Handle jayjonah8 Vulnerability details Impact With functions like joinTokenSingle in SingleTokenJoin.sol that handle swapping with uniswapV2 like exchanges there are no slippage tolerance checks in place to prevent flashloan attacks and price manipulation. Proof of Concept Tools Used Manual code...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/05/26 12:0 a.m.13 views

Call to swapExactTokensForETH in liquidateDai() will always fail

Handle 0xRajeev Vulnerability details Impact liquidateDai calls Uniswap’s swapExactTokensForETH to swap Dai to ETH. This will work if msg.sender, i.e. FSD contract, has already given the router an allowance of at least amount on the input token Dai. Given that there is no prior approval, the call...

6.9AI score
Exploits0
Rows per page
Query Builder