Makerdao_bbp


reports in last 90 days

4

disclosed resolved issues

1

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

High Steal all MKR from `flap` during liquidation by exploiting lack of validation in `flap.kick`

Improper Input Validation lucash-dev Time to triage: 7 Days and 7 hours


Time to close: 20 Days and 3 hours
Resolved

Critical Steal ALL collateral during liquidation by exploiting lack of validation in `flip.kick`

Improper Input Validation lucash-dev Time to triage: 7 Days and 11 hours


Time to close: 21 Days and 0 hours
Resolved

Low .git file accessible

Information Disclosure nitrozeus0x01 Issue was not triaged


Time to close: 2 Days and 3 hours
Informative

High Steal collateral during `end` process, by earning DSR interest after `flow`.

Business Logic Errors lucash-dev Time to triage: 22 Days and 17 hours


Time to close: 4 Days and 1 hours
Resolved

High Earn free DAI interest (inflation) through instant CDP+DSR in one tx

Business Logic Errors lucash-dev Issue was not triaged


Time to close: 7 Days and 13 hours
Resolved