4 matches found
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the recvMessageloop validation path in fsm.go. An attacker can crash the GoBGP process by sending a BGP UPDATE whose NEXTHOP attribute reports a length shorter than 4 while the...
Hardcoded slippage of 95% may not be ideal if liquidity is low or during market volatility, may result in revert when depositing or withdrawing
Lines of code Vulnerability details Impact Larger Deposits and/or withdraw may not work with a 95% slippage parameter. If there are many swaps going on, the slippage should be less restrictive to allow for deposits/withdraws. Proof of Concept In TokenisableRange.sol, the slippage is hardcoded at...
Token decimals may be above 18 leading to underflow issues
Lines of code Vulnerability details Impact In both StableVault and Trading, there is an assumption that token decimal amounts are =18. However this can break if token decimals are 18, resulting in underflow which can lead to unpredictable behaviors, and extreme amounts during deposits and...
ConvexStakingWrapper deposits and withdraws will frequently be disabled if a token that doesn't allow zero value transfers will be added as a reward one
Lines of code Vulnerability details Impact If deposits and withdraws are done frequently enough, the reward update operation they invoke will deal mostly with the case when there is nothing to add yet, i.e. reward.remaining match the reward token balance. If reward token doesn't allow for zero...