Lucene search
+L

6 matches found

GithubExploit
GithubExploit
added 2024/04/10 10:27 a.m.458 views

Exploit for Improper Check for Unusual or Exceptional Conditions in Vyperlang Vyper

CVE-2024-24576-Poc-Python A quick POC for the vulnerability di...

10CVSS5.6AI score0.20342EPSS
Exploits11
Vulnrichment
Vulnrichment
added 2024/01/30 8:17 p.m.3 views

CVE-2024-24567 raw_call `value=` kwargs not disabled for static and delegate calls

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Vyper compiler allows passing a value in builtin rawcall even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics o...

4.8CVSS5.3AI score0.00485EPSS
Exploits3References2
Cvelist
Cvelist
added 2024/01/30 8:17 p.m.62 views

CVE-2024-24567 raw_call `value=` kwargs not disabled for static and delegate calls

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Vyper compiler allows passing a value in builtin rawcall even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics o...

4.8CVSS5.4AI score0.00485EPSS
Exploits3References2
CVE
CVE
added 2024/01/30 8:17 p.m.75 views

CVE-2024-24567

The CVE-2024-24567 issue concerns Vyper, a Pythonic language for the Ethereum VM. The vulnerability is in the Vyper compiler’s raw_call builtin, where a value argument can be passed even when the call is delegatecall or staticcall. However, due to the semantics of delegatecall/staticcall opcodes,...

5.3CVSS5.1AI score0.00485EPSS
Exploits3References2Affected Software1
OSV
OSV
added 2024/01/30 8:17 p.m.19 views

CVE-2024-24567 raw_call `value=` kwargs not disabled for static and delegate calls

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Vyper compiler allows passing a value in builtin rawcall even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics o...

4.8CVSS5.2AI score0.00485EPSS
Exploits3References4
vulnersOsv
vulnersOsv
added 2024/01/30 6:42 p.m.4 views

2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24567 via vyper (>=0.1.0b12 <=0.3.9)

vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24567 Source advisory: OSV:GHSA-X2C2-Q32W-4W6M...

5.3CVSS6AI score0.00485EPSS
Exploits3
Rows per page
Query Builder