2 matches found
GHSA-4W26-8P97-F4JP AugAssign evaluation order causing OOB write within the object in Vyper
Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the bounds check will not be re-evaluated during the write...
CVE-2025-27105
CVE-2025-27105 concerns vyper, a Pythonic smart contract language for the EVM. The issue arises in AugAssign handling when the target is an access to a dynamic array (DynArray); if the right-hand side modifies the array, the target is cached and the bounds check may not be re-evaluated during the...