CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31146 – Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignment
https://notcve.org/view.php?id=CVE-2023-31146
Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment. The issue can cause data corruption across call frames. The expected behavior is to revert due to out-of-bounds array access. Version 0.3.8 contains a patch for this issue. • https://github.com/vyperlang/vyper/commit/4f8289a81206f767df1900ac48f485d90fc87edb https://github.com/vyperlang/vyper/security/advisories/GHSA-3p37-3636-q8wv • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30837 – Vyper storage allocator overflow
https://notcve.org/view.php?id=CVE-2023-30837
Vyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. This issue was fixed in version 0.3.8. • https://github.com/vyperlang/vyper/commit/0bb7203b584e771b23536ba065a6efda457161bb https://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30629 – Vyper's raw_call with outsize=0 and revert_on_failure=False returns incorrect success value
https://notcve.org/view.php?id=CVE-2023-30629
Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the `raw_call` with `revert_on_failure=False` and `max_outsize=0` receives the wrong response from `raw_call`. Depending on the memory garbage, the result can be either `True` or `False`. A patch is available and, as of time of publication, anticipated to be part of Vyper 0.3.8. • https://docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164 https://github.com/lidofinance/gate-seals/pull/5/files https://github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae https://github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9 • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29255 – Multiple evaluation of contract address in call in vyper
https://notcve.org/view.php?id=CVE-2022-29255
Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions prior to 0.3.4 when a calling an external contract with no return value, the contract address (including side effects) could be evaluated twice. This may result in incorrect outcomes for contracts. This issue has been addressed in v0.3.4. Vyper es un Lenguaje de Contratos Inteligentes de Python para la máquina virtual de Ethereum. • https://github.com/vyperlang/vyper/commit/6b4d8ff185de071252feaa1c319712b2d6577f8d https://github.com/vyperlang/vyper/security/advisories/GHSA-4v9q-cgpw-cf38 • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-24845 – Integer bounds error in Vyper
https://notcve.org/view.php?id=CVE-2022-24845
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In affected versions, the return of `<iface>.returns_int128()` is not validated to fall within the bounds of `int128`. This issue can result in a misinterpretation of the integer value and lead to incorrect behavior. As of v0.3.0, `<iface>.returns_int128()` is validated in simple expressions, but not complex expressions. Users are advised to upgrade. • https://github.com/vyperlang/vyper/commit/049dbdc647b2ce838fae7c188e6bb09cf16e470b https://github.com/vyperlang/vyper/security/advisories/GHSA-j2x6-9323-fp7h • CWE-190: Integer Overflow or Wraparound •