CVE-2023-30837
7.5HIGHVyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. Thi
게시됨: 5/8/2023업데이트됨: 11/21/2024
설명
Vyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. This issue was fixed in version 0.3.8.
AI 분석AI 기반
영향받는 제품
vyperlangvyper
참조
- https://github.com/vyperlang/vyper/commit/0bb7203b584e771b23536ba065a6efda457161bbPatch
- https://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6ExploitVendor Advisory
- https://github.com/vyperlang/vyper/commit/0bb7203b584e771b23536ba065a6efda457161bbPatch
- https://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6ExploitVendor Advisory