Lucene search
+L

6 matches found

vulnersOsv
vulnersOsv
added 2024/02/01 8:51 p.m.5 views

2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24561 via vyper (>=0.1.0b12 <=0.3.9)

vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24561 Source advisory: OSV:GHSA-9X7F-GWXQ-6F2C...

9.8CVSS7.7AI score0.00902EPSS
Exploits1
NVD
NVD
added 2024/02/01 5:15 p.m.51 views

CVE-2024-24561

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice function uses a non-literal argument for the start ...

9.8CVSS9.6AI score0.00902EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/02/01 4:37 p.m.3 views

CVE-2024-24561 Vyper bounds check on built-in `slice()` function can be overflowed

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice function uses a non-literal argument for the start ...

9.8CVSS7.3AI score0.00902EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/02/01 4:37 p.m.55 views

CVE-2024-24561 Vyper bounds check on built-in `slice()` function can be overflowed

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice function uses a non-literal argument for the start ...

9.8CVSS9.8AI score0.00902EPSS
Exploits1References3
CVE
CVE
added 2024/02/01 4:37 p.m.65 views

CVE-2024-24561

CVE-2024-24561 (Vyper) : The vulnerability is in the built-in slice() bounds check for Vyper up to version 0.3.10, where the runtime check does not account for overflow of start + length when arguments are non-literal. This can enable out-of-bounds (OOB) access to storage, memory, or calldata and...

9.8CVSS9.5AI score0.00902EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/02/01 4:37 p.m.22 views

CVE-2024-24561 Vyper bounds check on built-in `slice()` function can be overflowed

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice function uses a non-literal argument for the start ...

9.8CVSS9.2AI score0.00902EPSS
Exploits1References5
Rows per page
Query Builder