2 matches found
CVE-2023-46232
The CVE concerns era-compiler-vyper (EraVM Vyper compiler for zkSync Era). Before 1.3.10, a bug in initialization of the first immutable variable for Vyper contracts could occur when a String or Array allocates more 256‑bit words than are initialized; the second word’s index could be left unset (...
PT-2023-29916 · Unknown · Era-Compiler-Vyper
Name of the Vulnerable Software and Affected Versions: era-compiler-vyper versions prior to 1.3.10 Description: The issue arises in the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. A bug prevented the initialization of the first immutabl...