Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/05/23 10:41 a.m.9 views

CVE-2024-24564

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

5.3CVSS6.6AI score0.00561EPSS
Exploits1References1
vulnersosv
vulnersosv
added 2024/02/26 8:19 p.m.5 views

2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24564 via vyper (>=0.1.0b12 <=0.3.9)

vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24564 Source advisory: OSV:PYSEC-2024-205...

5.3CVSS5.8AI score0.00561EPSS
Exploits1
cve
cve
added 2024/02/26 8:16 p.m.133 views

CVE-2024-24564

Vyper CVE-2024-24564 describes a memory-safety issue with extract32(b, start): if the start argument can mutate b, extracting 32 bytes may read and return dirty memory. The defect affects older Vyper versions (e.g., 0.3.10 and earlier) and is fixed in 0.4.0. Red Hat and other sources list the sam...

5.3CVSS3.8AI score0.00561EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2024/02/26 8:16 p.m.37 views

CVE-2024-24564 Vyper extract32 can ready dirty memory

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

3.7CVSS4.4AI score0.00561EPSS
Exploits1References2
osv
osv
added 2024/02/26 8:16 p.m.15 views

CVE-2024-24564 Vyper extract32 can ready dirty memory

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

3.7CVSS4.7AI score0.00561EPSS
Exploits1References4
vulnersosv
vulnersosv
added 2024/02/26 8:11 p.m.3 views

2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24564 via vyper (>=0.1.0b12 <=0.3.9)

vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24564 Source advisory: OSV:GHSA-4HWQ-4CPM-8VMX...

5.3CVSS5.5AI score0.00561EPSS
Exploits1
circl
circl
added 2024/02/26 6:36 p.m.9 views

CVE-2024-24564

creationtimestamp| type| source ---|---|--- 2024-02-26 18:36:30+00:00| published-proof-of-concept| https://github.com/vyperlang/vyper/security/advisories/GHSA-4hwq-4cpm-8vmx 2024-02-26 21:26:20+00:00| seen| https://t.me/ctinow/193769 2024-02-26 21:31:45+00:00| seen| https://t.me/ctinow/193776...

5.3CVSS5.8AI score0.00561EPSS
Exploits1References3
Rows per page
Query Builder