CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41121 – Memory corruption in Vyper
https://notcve.org/view.php?id=CVE-2021-41121
Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0. Vyper es un Lenguaje de Contrato Inteligente de Python para el EVM. En las versiones afectadas, cuando se lleva a cabo una llamada a una función dentro de una estructura literal, se presenta un problema de corrupción de memoria que se produce debido a un puntero incorrecto en la parte superior de la pila. • https://github.com/vyperlang/vyper/pull/2447 https://github.com/vyperlang/vyper/security/advisories/GHSA-xv8x-pr4h-73jv • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-41122 – Bounds check missing for decimal args in Vyper
https://notcve.org/view.php?id=CVE-2021-41122
Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions external functions did not properly validate the bounds of decimal arguments. The can lead to logic errors. This issue has been resolved in version 0.3.0. Vyper es un lenguaje de contrato inteligente de Python para el EVM. • https://github.com/vyperlang/vyper/pull/2447 https://github.com/vyperlang/vyper/security/advisories/GHSA-c7pr-343r-5c46 • CWE-682: Incorrect Calculation •