issues
search
code-423n4
/
2024-03-phala-network-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Analysis
#99
c4-bot-7
closed
3 months ago
2
Analysis
#98
c4-bot-4
closed
3 months ago
3
Analysis
#97
c4-bot-4
opened
3 months ago
3
Unchecked Resource Consumption issue in Storage of Wasm Code
#96
c4-bot-4
opened
3 months ago
8
Analysis
#95
c4-bot-4
closed
3 months ago
2
Analysis
#94
c4-bot-6
closed
3 months ago
3
Dereferencing Null Pointers without Validation in __pink_runtime_init
#93
c4-bot-5
closed
3 months ago
7
Lack of Input Validation in `ExecSideEffects::into_query_only_effects`
#92
c4-bot-1
closed
3 months ago
3
Analysis
#91
c4-bot-4
opened
3 months ago
3
Unchecked Storage Commitment
#90
c4-bot-8
closed
3 months ago
3
Potential Integer Overflow in Deposit Masking
#89
c4-bot-7
closed
3 months ago
2
Analysis
#88
c4-bot-3
opened
3 months ago
2
Analysis
#87
c4-bot-3
opened
3 months ago
2
Unhandled Err variant may cause incorrect masking, leading to runtime failures.
#86
c4-bot-3
closed
3 months ago
6
Unchecked unwrap may lead to runtime errors, data loss, and storage corruption.
#85
c4-bot-3
closed
3 months ago
5
QA Report
#84
c4-bot-9
closed
3 months ago
2
wrong mapping in 'k[k.len() - 32.. '
#83
c4-bot-2
closed
3 months ago
2
Memory Corruption Vulnerabilities in Ocall's Default Allocator
#82
c4-bot-6
closed
3 months ago
9
inconsistent State Due to Unhandled Migration Failures
#81
c4-bot-1
closed
3 months ago
7
Incorrect Key Handling in commit_transaction Leads to Data Integrity Issues
#80
c4-bot-7
closed
3 months ago
6
Analysis
#79
c4-bot-7
closed
3 months ago
2
`treasury` account in `pallet_pink.rs` can be killed
#78
c4-bot-8
closed
3 months ago
6
Improper validation of function pointers risks system compromise, enabling unauthorized actions and data access.
#77
c4-bot-2
closed
3 months ago
4
Analysis
#76
c4-bot-5
closed
3 months ago
2
Analysis
#75
c4-bot-6
closed
3 months ago
2
ECDSA verify funciton allow 0x00 signatures as a parameter, which makes it possible to construct a two zeros bypass ECDSA signature check.
#74
c4-bot-6
closed
3 months ago
5
The Storage.get method does not handle Err correctly, which may cause the node to crash.
#73
c4-bot-3
closed
3 months ago
2
The contract_tx method does not handle Err correctly, which may cause the node to crash.
#72
c4-bot-2
closed
3 months ago
2
Analysis
#71
c4-bot-10
opened
3 months ago
2
HTTP requests to localhost (or local IP of network of the worker) is allowed which might lead to damage or sensitive data leak from the worker
#70
c4-bot-5
closed
3 months ago
4
Incorrectness in the behaviour of cache `set` function when the storage quota exceeded
#69
c4-bot-4
closed
3 months ago
2
ecall::dispatch is vulnerable to panic events which can be used to cause panic to the worker
#68
c4-bot-10
closed
3 months ago
5
Lack of upper limit of timeout for batch HTTP request could be utilized to DoS the worker
#67
c4-bot-10
closed
3 months ago
3
Recursive HTTP requests is possible which can be used to DoS a particular worker
#66
c4-bot-4
closed
3 months ago
6
Two vulnerabilities (at least) in reqwest crate open the door for malicious actor to bring all the workers down
#65
c4-bot-5
closed
3 months ago
9
Analysis
#64
c4-bot-1
closed
3 months ago
2
QA Report
#63
c4-bot-5
opened
3 months ago
3
Analysis
#62
c4-bot-4
closed
3 months ago
2
Analysis
#61
c4-bot-2
closed
3 months ago
2
Users can lose funds when bridging from Pink to Standalone runtime
#60
c4-bot-6
closed
3 months ago
11
Analysis
#59
c4-bot-3
closed
3 months ago
2
Analysis
#58
c4-bot-3
closed
3 months ago
2
Any function generated by `define_mask_fn!` maybe panic
#57
c4-bot-4
closed
3 months ago
2
Attacker can take over the blockchain node server running in cloud by http_request
#56
c4-bot-3
closed
3 months ago
10
Maybe cause panic in ExternalStorage.get
#55
c4-bot-7
closed
3 months ago
9
high gas_consumed will make node panic
#54
c4-bot-4
closed
3 months ago
7
http requests can be accessed at the local address 127.0.0.1
#53
c4-bot-8
closed
3 months ago
11
Unbounded Operation in `local_cache::apply_quotas` Can Cause OOG
#52
c4-bot-5
closed
3 months ago
4
Analysis
#51
c4-bot-7
opened
3 months ago
2
Limited availability of `balance_of(...)` method
#50
c4-bot-8
opened
3 months ago
6
Next