When we are using Chainlink in L2 chains like Arbitrum, it's important to ensure that the prices that we gor from latestRoundData as fresh as possible even when the sequencer is down. This vulnerability could potentially be exploited by malicious user to gain some advantage.
There is an oracle function to check for stale prices:
However it is not check if a sequencer is down. It can become a problem if you use the oracle on different l2 chains, like Arbitrum, as it could return a stale price.
The protocol can be abused by malicious user on L2 chains.
Manual review
Provide a check for a seqencer as it recommended in the Chainlink docs: https://docs.chain.link/data-feeds/l2-sequencer-feeds#example-code, like
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.