QSearchQSearch

CVE-2021-3004

7.5 HIGH

The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an Ethereum token, has certain incorrect ca...

Published: 2021-01-03 · Last updated: 2026-06-17

Severity and scoring

CVSS
7.5 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CWE
CWE-682

Affected products

VendorProduct
stableyieldcredit_projectstableyieldcredit

Description

The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an Ethereum token, has certain incorrect calculations. An attacker can obtain more yCREDIT tokens than they should.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-44074 Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error cond... (3.7 LOW)
  • CVE-2026-7836 An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remo... (3.1 LOW)
  • CVE-2023-7346 Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin ... (4.0 MEDIUM)
  • CVE-2025-5372 A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for ke... (5.0 MEDIUM)
  • CVE-2021-41122 Vyper is a Pythonic Smart Contract Language for the EVM (4.3 MEDIUM)