← back
CVE-2021-3004

CVE-2021-3004

EPSS 1.3%
The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an Ethereum token, has certain incorrect calculations. An attacker can obtain more yCREDIT tokens than they should.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://blocksecteam.medium.com/deposit-less-get-more-ycredit-attack-details-f589f71674c3https://etherscan.io/address/0xe0839f9b9688a77924208ad509e29952dc660261