EUVD-2024-0174

Malicious code in bioql PyPI...

CVE-2024-24559

Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand that is, it cannot be triggered from regular...

CVE-2024-24559

Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand that is, it cannot be triggered from regular...

Design/Logic Flaw

Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand that is, it cannot be triggered from regular...

PYSEC-2024-147

Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand that is, it cannot be triggered from regular...

PYSEC-2024-147

Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand that is, it cannot be triggered from regular...

CVE-2024-24559

CVE-2024-24559 : Vyper SHA3 codegen bug due to miscalculated height in IR for sha3_64. Can only be triggered with hand-written IR; not exposed by regular vyper code. Public advisories describe a low-impact issue, with a hand-written IR PoC and a patch patch (PR 4063) fixing the problem. Exploitat...

CVE-2024-24559 Vyper SHA3 code generation bug

Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand that is, it cannot be triggered from regular...

GHSA-6845-XW22-FFXV Vyper sha3 codegen bug

Summary There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand. That is, it cannot be triggered from regular vyper code, it can only be triggered by using the...

Vyper sha3 codegen bug

Summary There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand. That is, it cannot be triggered from regular vyper code, it can only be triggered by using the...