7 matches found
CVE-2024-24564
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...
2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24564 via vyper (>=0.1.0b12 <=0.3.9)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24564 Source advisory: OSV:PYSEC-2024-205...
CVE-2024-24564
Vyper CVE-2024-24564 describes a memory-safety issue with extract32(b, start): if the start argument can mutate b, extracting 32 bytes may read and return dirty memory. The defect affects older Vyper versions (e.g., 0.3.10 and earlier) and is fixed in 0.4.0. Red Hat and other sources list the sam...
CVE-2024-24564 Vyper extract32 can ready dirty memory
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...
CVE-2024-24564 Vyper extract32 can ready dirty memory
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...
2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24564 via vyper (>=0.1.0b12 <=0.3.9)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24564 Source advisory: OSV:GHSA-4HWQ-4CPM-8VMX...
CVE-2024-24564
creationtimestamp| type| source ---|---|--- 2024-02-26 18:36:30+00:00| published-proof-of-concept| https://github.com/vyperlang/vyper/security/advisories/GHSA-4hwq-4cpm-8vmx 2024-02-26 21:26:20+00:00| seen| https://t.me/ctinow/193769 2024-02-26 21:31:45+00:00| seen| https://t.me/ctinow/193776...