Compiler Security Vulnerabilities
ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern f(a(),b()); check_if_a_executed_last() in Yul that exposes a bug in evaluation order of Yul function arguments. This vulnerability has been fixed in version...
5.3CVSS
7.3AI Score
era-compiler-solidity is the ZKsync compiler for Solidity. The problem occurred during instruction selection in the DAGCombine phase while visiting the XOR operation. The issue arises when attempting to fold the expression !(x cc y) into (x !cc y). To perform this transformation, the second...
5.9CVSS
6.9AI Score
0.0004EPSS
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by...
2.8CVSS
7.1AI Score
0.0004EPSS
era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The problem....
5.3CVSS
6.7AI Score
0.001EPSS
When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious...
7.8CVSS
7.7AI Score
0.001EPSS
An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended...
7.8CVSS
7.6AI Score
0.001EPSS
When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious...
7.8CVSS
7.6AI Score
0.001EPSS
Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela compiler before version 0.6.1 there is a vulnerability which allows exposure of server configuration. It impacts all users of Vela. An attacker can use Sprig's env function to retrieve...
5.3CVSS
5.2AI Score
0.002EPSS
closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument "options" of the exports function in "index.js" can be controlled by users without any...
9.8CVSS
9.5AI Score
0.014EPSS
frames-compiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and.....
8.1CVSS
8.3AI Score
0.002EPSS
The riot-compiler version version 2.3.21 has an issue in a regex (Catastrophic Backtracking) thats make it unusable under certain...
7.5CVSS
7.5AI Score
0.001EPSS