CVE-2023-30629 Vyper's raw_call with outsize=0 and revert_on_failure=False returns incorrect success value

Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the rawcall with revertonfailure=False and maxoutsize=0 receives the wrong response from rawcall. Depending on the...

wasm3 缓冲区错误漏洞

wasm3 is the fastest WebAssembly interpreter and the most versatile runtime. A security vulnerability exists in wasm3 version v0.5.0, which is caused by a slot index overflow due to a missing slot in some bytecode...