4 matches found
M-08 Unmitigated
Lines of code Vulnerability details Comments The success of low-level calls is not checked in V3Proxy. If msg.sender is a contract and the fallback function has additional logic, the protocol will succeed transfer by default, which will result in the loss of user funds. Mitigation There is no...
M-08 Unmitigated
Lines of code Vulnerability details The original issue M-08: Return value of low level call not checked, in scope for the mitigation review, was not acted upon, most likely overlooked during the fixing phase. Assessed type call/delegatecall --- The text was updated successfully, but these errors...
CONTROLLED LOW-LEVEL CALL
Lines of code Vulnerability details Impact The contract was using call which was accepting address controlled by a user. This can have devastating effects on the contract as a delegate call allows the contract to execute code belonging to other contracts but using it’s own storage. This can very...
RETURN VALUE OF LOW LEVEL call FUNCTION IS NOT CHECKED FOR SUCCESFUL VALUE TRANSFER
Lines of code Vulnerability details Impact The V3Proxy.swapTokensForExactETH and V3Proxy.swapExactTokensForETH functions use the low level call function to transfer Eth to the msg.sender as shown below: payablemsg.sender.callvalue: amountOut""; But there is no verification of the return value of...