3 matches found
GovernorOLAS is susceptible to DOS via proposal frontrunning
Lines of code Vulnerability details Impact The GovernorOLAS contract inherits from OpenZeppelin's GovernorCompatibilityBravo v4.8.3, which has a known vulnerability in the proposal creation process that can be exploited to halt proposals sent to the governor. The root cause of this vulnerability ...
GHSA-93HQ-5WGC-JC82 GovernorCompatibilityBravo may trim proposal calldata
Impact The proposal creation entrypoint propose in GovernorCompatibilityBravo allows the creation of proposals with a signatures array shorter than the calldatas array. This causes the additional elements of the latter to be ignored, and if the proposal succeeds the corresponding actions would...
GHSA-MX2Q-35M2-X2RH OpenZeppelin Contracts TransparentUpgradeableProxy clashing selector calls may not be delegated
Impact A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding, the proxy could revert while attempting to decode the arguments from...