Lucene search
+L

676 matches found

OSV
OSV
added 2021/10/05 11:15 p.m.14 views

CVE-2021-41122

Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions external functions did not properly validate the bounds of decimal arguments. The can lead to logic errors. This issue has been resolved in version 0.3.0...

4.3CVSS4.6AI score
Exploits0References2
PyPA
PyPA
added 2021/10/05 11:15 p.m.9 views

PYSEC-2021-366

Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions external functions did not properly validate the bounds of decimal arguments. The can lead to logic errors. This issue has been resolved in version 0.3.0...

4.3CVSS6.8AI score0.00777EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/10/05 11:15 p.m.29 views

Out-of-bounds

Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions external functions did not properly validate the bounds of decimal arguments. The can lead to logic errors. This issue has been resolved in version 0.3.0...

4CVSS4.5AI score0.00777EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2021/10/05 11:15 p.m.6 views

2vyper (=0.3.0), async-web3 (>=0.1.0 <=0.3.1) +11 more potentially affected by CVE-2021-41122 via vyper (>=0.1.0b12 <=0.2.8)

vyper PYPI version =0.1.0b12, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =1.4.0, =0.2.1, =0.1.3, =2.0.24, =0.1.2b2, =0.1.0, =0.2.4 Source cves: CVE-2021-41122 Source advisory: OSV:PYSEC-2021-366...

4.3CVSS5.8AI score0.00777EPSS
Exploits1
OSV
OSV
added 2021/10/05 11:15 p.m.31 views

PYSEC-2021-366

Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions external functions did not properly validate the bounds of decimal arguments. The can lead to logic errors. This issue has been resolved in version 0.3.0...

4.3CVSS3.4AI score0.00777EPSS
Exploits1References2
CVE
CVE
added 2021/10/05 11:0 p.m.83 views

CVE-2021-41122

CVE-2021-41122 affects the Vyper smart contract language. The issue is that in affected versions, external functions did not properly validate the bounds of decimal arguments, enabling logic errors. The root cause is insufficient bounds checking for decimal inputs in external function definitions...

4.3CVSS4.5AI score0.00777EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/10/05 12:0 a.m.8 views

Vyper 安全漏洞

Vyper is the Pythonic smart contract language for EVM. A security vulnerability exists in Vyper that stems from an external function that does not properly validate the bounds of a decimal argument...

4.3CVSS5AI score0.00777EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2021/08/05 4:57 p.m.9 views

eth-brownie (=1.15.0) potentially affected by unknown CVE via vyper (=0.2.14)

vyper PYPI version =0.2.14 is affected by a known vulnerability. The following packages have a transitive dependency on vyper and may be impacted: - eth-brownie =1.15.0 Source cves: unknown CVE Source advisory: OSV:GHSA-7F92-RR6W-CQ64...

5.8AI score
Exploits0
Veracode
Veracode
added 2021/04/20 10:21 a.m.11 views

Data Corruption

vyper causes data corruption. Incorrect data handling allows an attacker to cause a data corruption via certain Web3 libraries with Vyper-deploy forwarder proxy contracts using Vyper's built-in createforwarderto function...

3.6AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/19 3:12 p.m.11 views

2vyper (=0.3.0), black-mamba (>=0.1.0 <=0.4.2) +4 more potentially affected by unknown CVE via vyper (>=0.1.0b12 <=0.2.11)

vyper PYPI version =0.1.0b12, =0.1.0, =1.4.0, =0.1.3, =0.1.2b2, =0.1.2b4 Source cves: unknown CVE Source advisory: OSV:GHSA-22WC-C9WJ-6Q2V...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/19 3:11 p.m.6 views

2vyper (=0.3.0), async-web3 (>=0.1.0 <=0.3.1) +11 more potentially affected by unknown CVE via vyper (>=0.1.0b12 <=0.2.8)

vyper PYPI version =0.1.0b12, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =1.4.0, =0.2.1, =0.1.3, =2.0.24, =0.1.2b2, =0.1.0, =0.2.4 Source cves: unknown CVE Source advisory: OSV:GHSA-375M-5FVV-XQ23...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2021/04/19 3:11 p.m.51 views

VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoption

Background @tjayrush reported a data handling issue with certain Web3 libraries using Vyper-deploy forwarder proxy contracts using our Vyper's built-in createforwarderto function prior to our change to support EIP-1167 style forwarder proxies. Impact If you are an end user of a forwarder-style...

0.9AI score
Exploits0References4Affected Software1
Veracode
Veracode
added 2020/03/26 8:36 a.m.13 views

Information Disclosure

vyper is vulnerable to information disclosure. Improper handling of integer types in the Vyper interfaces could allow a user to read an interface that returns a uint8 value to be stored into a uint256 variable without any explicit casting or input validation...

2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2020/03/25 6:20 p.m.5 views

2vyper (=0.3.0), black-mamba (>=0.1.0 <=0.3.0) +1 more potentially affected by unknown CVE via vyper (>=0.1.0b12 <=0.1.0b16)

vyper PYPI version =0.1.0b12, =0.1.0, =1.4.0, =1.6.7 Source cves: unknown CVE Source advisory: OSV:GHSA-MR6R-MVW4-736G...

5.8AI score
Exploits0
OSV
OSV
added 2020/03/25 6:20 p.m.3 views

GHSA-MR6R-MVW4-736G Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is used

VVE-2020-0001 Earlier today, we received a responsible disclosure of a potential issue from @montyly security researcher at @trailofbits for Vyper users who make assumptions about what values certain interface types can return. Impact We determined the issue to be mild and unlikely to be exploite...

5.9AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/03/25 6:20 p.m.51 views

Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is used

VVE-2020-0001 Earlier today, we received a responsible disclosure of a potential issue from @montyly security researcher at @trailofbits for Vyper users who make assumptions about what values certain interface types can return. Impact We determined the issue to be mild and unlikely to be exploite...

6.5AI score
Exploits0References2Affected Software1
Rows per page
Query Builder