Custom ERC20 implementation exposes _transfer() as public Likelihood: HIGH Confidence: LOW CWE: - CWE-284: Improper Access Control
compound-sweeptoken-not-restricted
Function sweepToken is allowed to be called by anyone Likelihood: LOW Confidence: MEDIUM CWE: - CWE-284: Improper Access Control
arbitrary-send-erc20
msg.sender is not being used when calling erc20.transferFrom. Example - Alice approves this contract to spend her ERC20 tokens. Bob can call function ‘a’ and specify Alice’s address as the from parameter in transferFrom, allowing him to transfer Alice’s tokens to himself. Likelihood: LOW Confidence: LOW CWE: - CWE-285: Improper Authorization
OWASP: - A01:2021 - Broken Access Control
no-bidi-characters
The code must not contain any Unicode Direction Control Characters Likelihood: LOW Confidence: HIGH CWE: - CWE-837: Improper Enforcement of a Single, Unique Action
erc721-reentrancy
ERC721 onERC721Received() reentrancy Likelihood: LOW Confidence: HIGH CWE: - CWE-841: Improper Enforcement of Behavioral Workflow
erc20-public-burn
Anyone can burn tokens of other accounts Likelihood: HIGH Confidence: LOW CWE: - CWE-284: Improper Access Control
sense-missing-oracle-access-control
Oracle update is not restricted in $F() Likelihood: HIGH Confidence: MEDIUM CWE: - CWE-284: Improper Access Control
erc777-reentrancy
ERC777 tokensReceived() reentrancy Likelihood: LOW Confidence: HIGH CWE: - CWE-841: Improper Enforcement of Behavioral Workflow
unrestricted-transferownership
Unrestricted transferOwnership Likelihood: HIGH Confidence: LOW CWE: - CWE-284: Improper Access Control
curve-readonly-reentrancy
$POOL.get_virtual_price() call on a Curve pool is not protected from read-only reentrancy. Likelihood: MEDIUM Confidence: HIGH CWE: - CWE-841: Improper Enforcement of Behavioral Workflow
redacted-cartel-custom-approval-bug
transferFrom() can steal the allowance of other accounts Likelihood: HIGH Confidence: HIGH CWE: - CWE-688: Function Call With Incorrect Variable or Reference as Argument
proxy-storage-collision
Proxy declares a state var that may override a storage slot of the implementation Likelihood: MEDIUM Confidence: HIGH CWE: - CWE-787: Out-of-bounds Write
incorrect-use-of-blockhash
blockhash(block.number) and blockhash(block.number + N) always return 0. Likelihood: LOW Confidence: HIGH CWE: - CWE-341: Predictable from Observable State
erc721-arbitrary-transferfrom
Custom ERC721 implementation lacks access control checks in _transfer() Likelihood: HIGH Confidence: MEDIUM CWE: - CWE-284: Improper Access Control
compound-borrowfresh-reentrancy
Function borrowFresh() in Compound performs its state update after doTransferOut() Likelihood: LOW Confidence: HIGH CWE: - CWE-841: Improper Enforcement of Behavioral Workflow
no-slippage-check
No slippage check in a Uniswap v2/v3 trade Likelihood: HIGH Confidence: MEDIUM CWE: - CWE-682: Incorrect Calculation
rigoblock-missing-access-control
setMultipleAllowances() is missing the onlyOwner modifier Likelihood: HIGH Confidence: HIGH CWE: - CWE-284: Improper Access Control
accessible-selfdestruct
Contract can be destroyed by anyone in $FUNC Likelihood: HIGH Confidence: LOW CWE: - CWE-284: Improper Access Control
gearbox-tokens-path-confusion
UniswapV3 adapter implemented incorrect extraction of path parameters Likelihood: LOW Confidence: LOW CWE: - CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input
basic-oracle-manipulation
Price oracle can be manipulated via flashloan Likelihood: MEDIUM Confidence: LOW CWE: - CWE-682: Incorrect Calculation
basic-arithmetic-underflow
Possible arithmetic underflow Likelihood: MEDIUM Confidence: LOW CWE: - CWE-191: Integer Underflow (Wrap or Wraparound)
delegatecall-to-arbitrary-address
An attacker may perform delegatecall() to an arbitrary address. Likelihood: HIGH Confidence: LOW CWE: - CWE-20: Improper Input Validation
keeper-network-oracle-manipulation
Keep3rV2.current() call has high data freshness but low security: an exploiter only needs to manipulate 2 data points to impact the feed. Likelihood: LOW Confidence: HIGH CWE: - CWE-682: Incorrect Calculation
arbitrary-low-level-call
An attacker may perform call() to an arbitrary address with controlled calldata Likelihood: HIGH Confidence: LOW CWE: - CWE-20: Improper Input Validation
balancer-readonly-reentrancy-getpooltokens
$VAULT.getPoolTokens() call on a Balancer pool is not protected from read-only reentrancy. Likelihood: MEDIUM Confidence: HIGH CWE: - CWE-841: Improper Enforcement of Behavioral Workflow
tecra-coin-burnfrom-bug
Parameter “from” is checked at an incorrect position in the “_allowances” mapping Likelihood: HIGH Confidence: MEDIUM CWE: - CWE-688: Function Call With Incorrect Variable or Reference as Argument
openzeppelin-ecdsa-recover-malleable
Potential signature malleability in $F Likelihood: MEDIUM Confidence: LOW CWE: - CWE-347: Improper Verification of Cryptographic Signature
balancer-readonly-reentrancy-getrate
$VAR.getRate() call on a Balancer pool is not protected from read-only reentrancy. Likelihood: MEDIUM Confidence: HIGH CWE: - CWE-841: Improper Enforcement of Behavioral Workflow
uniswap-callback-not-protected
Uniswap callback is not protected Likelihood: MEDIUM Confidence: LOW CWE: - CWE-284: Improper Access Control
erc677-reentrancy
ERC677 callAfterTransfer() reentrancy Likelihood: MEDIUM Confidence: HIGH CWE: - CWE-841: Improper Enforcement of Behavioral Workflow
msg-value-multicall
$F with constant msg.value can be called multiple times Likelihood: MEDIUM Confidence: LOW CWE: - CWE-837: Improper Enforcement of a Single, Unique Action
encode-packed-collision
abi.encodePacked hash collision with variable-length arguments in $F() Likelihood: MEDIUM Confidence: HIGH CWE: - CWE-20: Improper Input Validation
superfluid-ctx-injection
Specially crafted calldata may be used to impersonate other accounts Likelihood: HIGH Confidence: HIGH CWE: - CWE-20: Improper Input Validation
oracle-price-update-not-restricted
Oracle price data can be submitted by anyone Likelihood: HIGH Confidence: LOW CWE: - CWE-284: