Use this section to tell people about which versions of your project are currently being supported with security updates.
Version | Supported |
---|---|
1.0.x | ✅ |
1.1.x | ✅ |
Read this entire template: Before you begin filling out the report, read through this template and the instructions to understand the information needed.
- Be specific and concise: Provide clear and detailed information. Avoid unnecessary jargon.
- Include all relevant details: The more information you provide, the easier it will be to understand and address the vulnerability.
- Attach supporting evidence: If you have logs, screenshots, or code snippets that demonstrate the vulnerability, include them.
- Use a responsible disclosure process: Ensure that your report follows a responsible disclosure process to protect the integrity of the project and prevent the exploitation of the vulnerability before it can be fixed.
- Reporter Information
- Name:
- Email:
- Date:
- Organization (if applicable):
- Contrac Affected Information
- Smart Contract Name(s):
- Deployment Network:
- Vulnerability Details
- Vulnerability Title:
- Severity Level:
- Low
- Medium
- High
- Critical
- Vulnerability Type:
- Reentrancy
- Integer Overflow/Underflow
- Access Control Issue
- Unchecked External Call
- Denial of Service (DoS)
- Others (Please specify):
- Description of the Vulnerability
Provide a detailed description of the vulnerability. Include the following information:
- Description:
- Location (file, function, line number):
- Steps to Reproduce
- Expected Behavior:
- Actual Behavior:
- Impact Analysis
Explain the potential impact of the vulnerability if it were to be exploited. Consider the following:
- Effect on the Contract:
- Effect on Users:
- Financial Impact:
- Evidence
Include any supporting evidence that demonstrates the existence and impact of the vulnerability. This may include:
- Code Snippets:
- Logs:
- Screenshots:
- Transactions (if applicable):
- Suggested Fixes or Mitigations (Optional)
- Provide any suggestions for how the vulnerability could be fixed or mitigated:
- Description of the Fix:
- Code Changes (if applicable):
- Additional Information
Include any other information that may be relevant to understanding and addressing the vulnerability.
Send the report for security@bakerfi.xyz