8 matches found
Fedora: Security Advisory (FEDORA-2025-826c82e00f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : vyper (2025-77c63e7236)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-77c63e7236 advisory. Vyper ver. 0.4.1 ---- Another one small fix ---- Fix for a few known issues Tenable has extracted the preceding description block directly from the...
CVE-2025-26622
A flaw was found in Vyper’s sqrt builtin function. This vulnerability allows incorrect rounding of square root calculations via improper handling of oscillating final states in the Babylonian method. Mitigation Mitigation for this issue is either not available or the currently available options d...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2025-26622 via vyper (>=0.1.0b12 <=0.4.0)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.7 and more Source cves: CVE-2025-26622 Source advisory: SNYK:PYTHON-VYPER-8743938...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2025-26622 via vyper (>=0.1.0b12 <=0.4.0)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.7 and more Source cves: CVE-2025-26622 Source advisory: OSV:GHSA-2P94-8669-XG86...
CVE-2025-26622
vyper is a Pythonic Smart Contract Language for the EVM. Vyper sqrt builtin uses the babylonian method to calculate square roots of decimals. Unfortunately, improper handling of the oscillating final states may lead to sqrt incorrectly returning rounded up results. This issue is being addressed a...
CVE-2025-26622 sqrt doesn't define rounding behavior in Vyper
vyper is a Pythonic Smart Contract Language for the EVM. Vyper sqrt builtin uses the babylonian method to calculate square roots of decimals. Unfortunately, improper handling of the oscillating final states may lead to sqrt incorrectly returning rounded up results. This issue is being addressed a...
CVE-2025-26622
The CVE concerns vyper’s sqrt() builtin, which uses the Babylonian method for decimals. The problem arises from improper handling of oscillating final states, which can cause sqrt to return a rounded-up value (e.g., for certain inputs, 0.9999999998 → 0.9999999999). The issue is detailed in the GH...