issues
search
code-423n4
/
2022-04-jpegd-findings
1
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Gas Optimizations
#186
code423n4
closed
2 years ago
0
Gas Optimizations
#185
code423n4
opened
2 years ago
0
QA Report
#184
code423n4
opened
2 years ago
0
QA Report
#183
code423n4
opened
2 years ago
0
Unsafe transfer in `FungibleAssetVaultForDAO.sol::withdraw()`.
#182
code423n4
closed
2 years ago
2
`NFTVault.sol::overrideFloor()` should have upper and lower bounds set.
#181
code423n4
closed
2 years ago
2
Gas Optimizations
#180
code423n4
opened
2 years ago
0
QA Report
#179
code423n4
opened
2 years ago
0
QA Report
#178
code423n4
opened
2 years ago
0
QA Report
#177
code423n4
opened
2 years ago
0
Owner can lock NFT infinitely
#176
code423n4
closed
2 years ago
1
withdraw in FungibleAssetVaultForDAO.sol can be unusable for smart contract calls
#175
code423n4
closed
2 years ago
2
Gas Optimizations
#174
code423n4
opened
2 years ago
0
Use of deprecated Chainlink API
#173
code423n4
closed
2 years ago
1
Uncontrolled usage of Chainlink API for core price retrieval
#172
code423n4
closed
2 years ago
1
QA Report
#171
code423n4
opened
2 years ago
0
Gas Optimizations
#170
code423n4
opened
2 years ago
0
Gas Optimizations
#169
code423n4
opened
2 years ago
0
[WP-H23] `YVaultLPFarming.sol` Pending JPEG rewards can be stolen by attacker
#168
code423n4
closed
2 years ago
2
[WP-H22] Bad debts should not continue to accrue interest
#167
code423n4
opened
2 years ago
1
[WP-H20] A malicious early user/attacker can manipulate the `accRewardPerShare` to break `deposit`
#166
code423n4
closed
2 years ago
2
possible misuse of setPendingNFTValueETH
#165
code423n4
closed
2 years ago
2
[WP-H19] `NFTVault.sol` collateral NFT can be frozen in the NFTVault contract, when a contract with no `onERC721Received` method called `liquidate()` on a `USE_INSURANCE` position
#164
code423n4
closed
2 years ago
2
[WP-M18] `nftValueETH` should expire after JPEG unlocked
#163
code423n4
closed
2 years ago
2
calling pause() in StableCoin.sol has no effect
#162
code423n4
closed
2 years ago
2
[WP-M17] `pendingNFTValueETH` should have an expiration time
#161
code423n4
closed
2 years ago
2
[WP-H13] `LockPosition` can be overwritten by new `lockFor()` which leads to user's funds loss
#160
code423n4
closed
2 years ago
1
missing lowerbounds for critical parameters creditLimitRate & liquidationLimitRate.
#159
code423n4
closed
2 years ago
2
Use of deprecated Chainlink function `latestAnswer`
#158
code423n4
closed
2 years ago
1
[WP-H9] `_swapUniswapV2` may use an improper `path` which can cause a loss of the majority of the rewardTokens
#157
code423n4
opened
2 years ago
2
[WP-H5] `yVault.sol` A malicious early user/attacker can manipulate the vault's pricePerShare to take an unfair share of future users' deposits
#156
code423n4
closed
2 years ago
1
Usage of deprecated Chainlink functions
#155
code423n4
closed
2 years ago
1
QA Report
#154
code423n4
opened
2 years ago
0
Gas Optimizations
#153
code423n4
opened
2 years ago
0
Gas Optimizations
#152
code423n4
opened
2 years ago
0
Gas Optimizations
#151
code423n4
opened
2 years ago
0
QA Report
#150
code423n4
opened
2 years ago
0
Gas Optimizations
#149
code423n4
opened
2 years ago
0
QA Report
#148
code423n4
opened
2 years ago
0
FungibleAssetVaultForDAO: direct value transfers
#147
code423n4
closed
2 years ago
2
LPFarming: large `allocPoints` can cause overflow and lock funds
#146
code423n4
closed
2 years ago
2
JPEGLock lockups overwrite previous data
#145
code423n4
closed
2 years ago
1
QA Report
#144
code423n4
opened
2 years ago
0
Gas Optimizations
#143
code423n4
opened
2 years ago
0
Gas Optimizations
#142
code423n4
opened
2 years ago
0
Gas Optimizations
#141
code423n4
opened
2 years ago
0
QA Report
#140
code423n4
opened
2 years ago
0
`StrategyPUSDConvex.balanceOfJPEG` uses incorrect function signature while calling `extraReward.earned`, causing the function to unexpectedly revert everytime
#139
code423n4
opened
2 years ago
2
`StrategyPUSDConvex.balanceOfJPEG` calculates the amount of `JPEG` interest incorrectly, leading to incorrect updates in `YVaultLPFarming._computeUpdate`
#138
code423n4
closed
2 years ago
2
`StrategyPUSDConvex`, `Controller` and `YVault` does not check corresponding `Controller`, `YVault`, `YFaultLPFarming` when calculating balance and accepting deposits. Allowing malicious users to create fake instances for phishing attacks
#137
code423n4
closed
2 years ago
2
Previous
Next