RSS   Vulnerabilities for 'Price oracle'   RSS

2020-06-03
 
CVE-2019-20809

CWE-20
 

 
The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 through 2.0 allows a price poster to set an invalid asset price via the setPrice function, and consequently violate the intended limits on price swings.

 


Copyright 2024, cxsecurity.com

 

Back to Top