27 matches found
PT-2025-20289 · Hyperledger · Hyperledger Besu +1
Name of the Vulnerable Software and Affected Versions: Hyperledger Besu versions 24.7.1 through 25.2.2 besu-native versions 0.9.0 through 1.2.1 Description: The issue concerns a potential consensus bug in the precompiles ALTBN128 ADD 0x06, ALTBN128 MUL 0x07, and ALTBN128 PAIRING 0x08 due to the u...
PYSEC-2025-33
Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the precompiles EcRecover 0x1 and Identity 0x4, the success flag of the call is not checked. As a consequence an attacker can provide a specific amount of gas to make these calls fail but let the overall executi...
GHSA-VGF2-GVX8-XWC3 Vyper Does Not Check the Success of Certain Precompile Calls
Summary When the Vyper Compiler uses the precompiles EcRecover 0x1 and Identity 0x4, the success flag of the call is not checked. As a consequence an attacker can provide a specific amount of gas to make these calls fail but let the overall execution continue. Then the execution result can be...
GO-2024-2715 Evmos transaction execution not accounting for all state transition after interaction with precompiles in github.com/evmos/evmos
Evmos transaction execution not accounting for all state transition after interaction with precompiles in github.com/evmos/evmos...
Incorrect is_static parameter for custom stateful precompiles in SputnikVM (evm)
Impact A custom stateful precompile can use the isstatic parameter to determine if the call is executed in a static context via STATICCALL, and thus decide if stateful operations should be done. Previously, the passed isstatic parameter was incorrect -- it was only set to true if the call comes...
GHSA-HHC4-47RH-CR34 Incorrect is_static parameter for custom stateful precompiles in SputnikVM (evm)
Impact A custom stateful precompile can use the isstatic parameter to determine if the call is executed in a static context via STATICCALL, and thus decide if stateful operations should be done. Previously, the passed isstatic parameter was incorrect -- it was only set to true if the call comes...
PT-2022-24922 · Sputnikvm · Sputnikvm
Name of the Vulnerable Software and Affected Versions: SputnikVM versions prior to 0.36.0 Description: A custom stateful precompile can use the is static parameter to determine if the call is executed in a static context, and thus decide if stateful operations should be done. Prior to version...