5 matches found
CVE-2024-26149
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. If an excessively large value is specified as the starting index for an array in abidecode, it can cause the read position to overflow. This results in the decoding of values outside the intended array bounds, potential...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2024-26149 via vyper (>=0.1.0b12 <=0.4.0)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.7 and more Source cves: CVE-2024-26149 Source advisory: OSV:PYSEC-2024-164...
CVE-2024-26149 Vyper _abi_decode Memory Overflow
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. If an excessively large value is specified as the starting index for an array in abidecode, it can cause the read position to overflow. This results in the decoding of values outside the intended array bounds, potential...
CVE-2024-26149
CVE-2024-26149 (Vyper _abi_decode memory overflow) has a concrete description: in Vyper 0.3.10 and earlier, specifying an excessively large starting index for an array inside the function _abi_decode can cause the read position to overflow, allowing decoding of values outside the intended array b...
2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-26149 via vyper (>=0.1.0b12 <=0.3.9)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-26149 Source advisory: OSV:GHSA-9P8R-4XP4-GW5W...