PYSEC-2024-150

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. The typechecker allows the usage of...

PT-2024-20454 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions prior to the fixed version Description: The issue arises from the typechecker allowing the usage of signed integers as indexes to arrays, which are defined for unsigned integers only. This can lead to unpredictable behavior,...

Vyper Input Validation Error Vulnerability

Vyper is the Pythonic smart contract language for EVM. An input validation error vulnerability exists in Vyper 0.3.10 and earlier versions, which stems from a type checker that allows the use of signed integers as the index of an array, potentially resulting in a denial of service...

PT-2020-5187 · Php +1 · Php +1

Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x through 7.2.29 PHP versions 7.3.x through 7.3.16 PHP versions 7.4.x through 7.4.4 Description: The issue is related to the urldecode function in PHP, which can be exploited to access memory locations past the allocated buff...