All-for-one : Security Vulnerabilities, CVEs,
The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling game, generates a random value with publicly readable variables because the _seed value can be retrieved with a getStorageAt call. Therefore, it allows attackers to always win and get rewards.
Max CVSS
7.5
EPSS Score
0.18%
Published
2018-08-15
Updated
2019-06-24
1 vulnerabilities found