Vulnerabilities > CVE-2019-20809 - Unspecified vulnerability in Compound Price Oracle 1.0/2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 through 2.0 allows a price poster to set an invalid asset price via the setPrice function, and consequently violate the intended limits on price swings.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |