CVE-2023-30629

Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the rawcall with revertonfailure=False and maxoutsize=0 receives the wrong response from rawcall. Depending on the...

GHSA-W9G2-3W7P-72G9 Incorrect success value returned in vyper

Background During the audit of Lido's Gate Seals code statemind team identified a weird behavior of the code that uses rawcall: https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vyL164 . Construction like this: vyper success = rawcall...

PYSEC-2023-131

Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the rawcall with revertonfailure=False and maxoutsize=0 receives the wrong response from rawcall. Depending on the...

PT-2023-22826 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions 0.3.1 through 0.3.7 Description: The Vyper compiler generates the wrong bytecode in versions 0.3.1 through 0.3.7. Any contract that uses the raw call with revert on failure=False and max outsize=0 receives the wrong response fr...