Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2021-0255

Date: August 19, 2025

An issue was found in version 1.0.0 of the "@liquity/contracts" NPM package. TCR is miscalculated in the batchLiquidateTroves function during Recovery Mode.

Language: JS

Severity Score

Related Resources (5)

https://github.com/liquity/dev/blob/7c83ea11378454629618b3808b16fbfda69ee3e5/packages/contracts/contracts/TroveManager.sol#L722
https://github.com/liquity/dev/commit/c69d0bae30b5457e89724d880851a03ba7477905
https://www.npmjs.com/package/@liquity/contracts
https://github.com/liquity/dev/security/advisories/GHSA-xh2p-7p87-fhgh
https://www.mend.io/vulnerability-database/WS-2021-0255

Severity Score

Weakness Type (CWE)

Incorrect Calculation

CWE-682

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH

Do you need more information?

Contact Us